nanog mailing list archives
RE: Auto ACL blocker
From: Thomas Magill <tmagill () providecommerce com>
Date: Tue, 18 Jan 2011 23:48:45 +0000
Also, have you considered just using the spamhaus DROP list? They even have code to have the list pushed to IOS available. You could simply substitute your file for their list if you only want to use IPs caught by your honeypot. http://www.spamhaus.org/faq/answers.lasso?section=DROP%20FAQ -----Original Message----- From: Brian R. Watters [mailto:brwatters () absfoc com] Sent: Tuesday, January 18, 2011 11:12 AM To: nanog () nanog org Subject: Auto ACL blocker We are looking for the following solution. Honey pot that collects attacks against SSH/FTP and so on Said attacks are then sent to a master ACL on a edge Cisco router to block all traffic from these offenders .. Of course we would require a master whitelist as well as to not be blocked from our own networks. Any current solutions or ideas ?? -- BRW
Current thread:
- RE: Auto ACL blocker, (continued)
- RE: Auto ACL blocker Guerra, Ruben (Jan 18)
- Re: Auto ACL blocker Roland Dobbins (Jan 18)
- Re: Auto ACL blocker Greg Whynott (Jan 18)
- Re: Auto ACL blocker Larry Smith (Jan 18)
- RE: Auto ACL blocker Mark Scholten (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
- RE: Auto ACL blocker Ronald Bonica (Jan 18)
- Re: Auto ACL blocker Brian R. Watters (Jan 18)
- Re: Auto ACL blocker Joe Blanchard (Jan 18)
- Re: Auto ACL blocker Brian R. Watters (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
- Re: Auto ACL blocker ML (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
- Re: Auto ACL blocker ML (Jan 18)
- Re: Auto ACL blocker Brian R. Watters (Jan 18)
- RE: Auto ACL blocker George Bonser (Jan 18)