nanog mailing list archives

Re: Auto ACL blocker

From: "Brian R. Watters" <brwatters () absfoc com>
Date: Tue, 18 Jan 2011 12:01:27 -0800 (PST)

Ron,

I am sure any solution given enough time could be used against you, However my hope was that a whitelist could help in 
that regard however I know your correct.

----- Original Message -----
From: "Ronald Bonica" <rbonica () juniper net>
To: "Brian R. Watters" <brwatters () absfoc com>, nanog () nanog org
Sent: Tuesday, January 18, 2011 11:55:28 AM
Subject: RE: Auto ACL blocker

Brian,

Have you thought about what a bad guy might do if he knew that you had such a policy deployed? Is there a way that the 
bad guy might turn the policy against you?

                                                     Ron

-----Original Message-----
From: Brian R. Watters [mailto:brwatters () absfoc com]
Sent: Tuesday, January 18, 2011 2:12 PM
To: nanog () nanog org
Subject: Auto ACL blocker

We are looking for the following solution.

Honey pot that collects attacks against SSH/FTP and so on

Said attacks are then sent to a master ACL on a edge Cisco router to
block all traffic from these offenders ..

Of course we would require a master whitelist as well as to not be
blocked from our own networks.

Any current solutions or ideas ??

--

BRW


-- 

Brian R. Watters 
Director 
American Broadband Family of Companies 
5718 East Shields Ave 
Fresno, CA. 93727 
brwatters () absfoc com 
http://www.americanbroadbandservice.com 
tel: 559-420-0205 
fax:559-272-5266 
toll free: 866-827-4638 

ABS offers T-1's starting at $289 in over 450 cities. Is your city on the list? Click here to find out. 

This message and any attachment(s) are solely for the use of intended recipients. They may contain privileged and/or 
confidential information legally protected from disclosure. If you are not the intended recipient, you are hereby 
notified that you received this e-mail in error and that any review, dissemination, distribution or copying of this 
e-mail and any attachment(s) is strictly prohibited. If you have received this e-mail in error, please contact the 
sender and delete the message and any attachment(s) from your system. Thank you for your cooperation.

Current thread:

Auto ACL blocker Brian R. Watters (Jan 18)
- RE: Auto ACL blocker Guerra, Ruben (Jan 18)
- Re: Auto ACL blocker Roland Dobbins (Jan 18)
- Re: Auto ACL blocker Greg Whynott (Jan 18)
- Re: Auto ACL blocker Larry Smith (Jan 18)
  - RE: Auto ACL blocker Mark Scholten (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
- RE: Auto ACL blocker Ronald Bonica (Jan 18)
  - Re: Auto ACL blocker Brian R. Watters (Jan 18)
- Re: Auto ACL blocker Joe Blanchard (Jan 18)
  - Re: Auto ACL blocker Brian R. Watters (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
  - Re: Auto ACL blocker ML (Jan 18)
    - RE: Auto ACL blocker Thomas Magill (Jan 18)
    - RE: Auto ACL blocker Thomas Magill (Jan 18)
- <Possible follow-ups>
- Re: Auto ACL blocker Brian R. Watters (Jan 18)
  - RE: Auto ACL blocker George Bonser (Jan 18)