nanog mailing list archives
Re: zotob - blocking tcp/445
From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Wed, 17 Aug 2005 17:34:29 +0000 (GMT)
On Wed, 17 Aug 2005, William Warren wrote:
I may be off base here. Can't an ips look at the traffic; say on 443 and figure out whether the traffic is malicious or not? If so then let it filter it. I know IPS's aren't perfect, but, i would prefer this router be taken, if available and sensible including network outage or DDOS, than a hard block. A quick block to mitigate and then an IPS rule
and you have an IPS that works on oc-192 SONET links? what about the coming oc-768?
Current thread:
- Re: zotob - blocking tcp/445, (continued)
- Re: zotob - blocking tcp/445 Florian Weimer (Aug 17)
- Re: zotob - blocking tcp/445 Scott Weeks (Aug 15)
- RE: zotob - blocking tcp/445 Church, Chuck (Aug 15)
- RE: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- RE: zotob - blocking tcp/445 Erik Amundson (Aug 15)
- Re: zotob - blocking tcp/445 sthaug (Aug 16)
- Re: zotob - blocking tcp/445 William Warren (Aug 17)
- Re: zotob - blocking tcp/445 Andy Johnson (Aug 17)
- Re: zotob - blocking tcp/445 Daniel Senie (Aug 17)
- Re: zotob - blocking tcp/445 Petri Helenius (Aug 17)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 17)
- Re: zotob - blocking tcp/445 Sane Jiri (Aug 16)
- Re: zotob - blocking tcp/445 MARLON BORBA (Aug 16)
- RE: zotob - blocking tcp/445 Church, Chuck (Aug 16)
- Re: zotob - blocking tcp/445 Valdis . Kletnieks (Aug 16)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 16)
- Re: zotob - blocking tcp/445 Sean Donelan (Aug 16)
- Re: zotob - blocking tcp/445 Valdis . Kletnieks (Aug 16)
- Re: zotob - blocking tcp/445 Bill Nash (Aug 18)
- Re: zotob - blocking tcp/445 Andy Johnson (Aug 18)