Re: DOS?

[Iljitsch van Beijnum <iljitsch () muada com>]

On Sat, 25 Jan 2003, Doug Barton wrote:

> Anyone want to get involved in some sort of real time chat (like IRC) to
> disuss strategies? We're seeing some pretty big traffic, and related
> problems in multiple colo's world wide.

What's to discuss? If you put something like

access-list 150 deny udp any any eq 1434 log-input
access-list 150 permit ip any any

on all your customer-facing ports you get to

1. filter out the disruptive traffic
2. see which customer systems are infected

This works well even on relatively underpowered Cisco 7200 boxes.