RE: deny access
From: David Gillett (gillettdavid_at_fhda.edu)
Date: 11/29/04
- Previous message: Rui Machado: "security mecanism for small app"
- In reply to: Carlos Garcia: "deny access"
- Next in thread: Omar Salvador Alcalá Ruiz: "RE: deny access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Carlos Garcia'" <carlosg@cabonet.net.mx>, <security-basics@securityfocus.com> Date: Mon, 29 Nov 2004 09:33:08 -0800
The canonical way to do this is with an access list, but that
might be biting off more than you're ready to chew.
A "quick and dirty" method is to add a black hole route for
this address:
enable
config terminal
ip route 216.212.33.185 255.255.255.255 Null0
end
write mem
Your email server will still receive SYN packets when this
address tries to connect, but the answering SYN-ACK packets
won't make it past your router and so the connection can never
be established. (Nor will that address get an answer to pings.)
David Gillett
> -----Original Message-----
> From: Carlos Garcia [mailto:carlosg@cabonet.net.mx]
> Sent: Wednesday, November 24, 2004 3:28 PM
> To: security-basics@securityfocus.com
> Subject: deny access
>
>
> newbie question how can i block this ip 216.212.33.185 i have
> a cisco 7200
> this ip is trying to send mail with my server, i did not
> configure the
> router so i dont know how to do this any help?
>
>
> Atte.
> Carlos A. Garcia G.
> Cabonet Staff
> Tel (624) 14 30120
>
>
- Previous message: Rui Machado: "security mecanism for small app"
- In reply to: Carlos Garcia: "deny access"
- Next in thread: Omar Salvador Alcalá Ruiz: "RE: deny access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
