RE: deny access

From: James McGee (james_at_infosec.co.im)
Date: 11/30/04

Next message: Beauford, Jason: "RE: Windows Messenger Pop-up spam"

Previous message: Shawn Wall: "RE: pcAnywhere question"
Maybe reply: David Gillett: "RE: deny access"
Maybe reply: James McGee: "RE: deny access"
Maybe reply: Paris E. Stone: "RE: deny access"
Maybe reply: Tran, Nhon: "RE: deny access"
Maybe reply: Richard Windmann: "RE: deny access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <gillettdavid@fhda.edu>, "'Carlos Garcia'" <carlosg@cabonet.net.mx>, "'Agarwal, Ankur'" <Ankur.Agarwal@colt-telecom.com>, <security-basics@securityfocus.com>
Date: Tue, 30 Nov 2004 21:45:12 -0000

Sorry, just me being facecious....

He'd probably want to lock down the ports a bit though....

;-)

-----Original Message-----
From: David Gillett [mailto:gillettdavid@fhda.edu]
Sent: 30 November 2004 21:19
To: 'James McGee'; 'Carlos Garcia'; 'Agarwal, Ankur';
security-basics@securityfocus.com
Subject: RE: deny access

Well, as an alternative to "Block one IP AND block everything else", I
think it's preferable....
He didn't ask how to secure his network, he asked how to block that one
IP.

David Gillett

> -----Original Message-----
> From: James McGee [mailto:james@infosec.co.im]
> Sent: Tuesday, November 30, 2004 12:56 PM
> To: gillettdavid@fhda.edu; 'Carlos Garcia'; 'Agarwal, Ankur';
> security-basics@securityfocus.com
> Subject: RE: deny access
>
>
> Errr..
>
> I think you've just told him to block one IP but allow everyone
> else.....
>
> Not wise in my opinion....
>
>
>
> -----Original Message-----
> From: David Gillett [mailto:gillettdavid@fhda.edu]
> Sent: 29 November 2004 18:21
> To: 'Carlos Garcia'; 'Agarwal, Ankur';
> security-basics@securityfocus.com
> Subject: RE: deny access
>
> > access-list 101 deny ip host 216.212.33.185 any
>
> > access-list 101 deny ip 216.212.33.185 255.255.255.255 any
>
> First of all, these two forms are exactly the same rule; "host
> x.x.x.x" is the same as "x.x.x.x 255.255.255.255" in an access list.
> Secondly, though, every access list has an implicit "deny ip any
> any"
> tacked onto the end, so if that line is your whole access list then it
> will block ALL traffic. You need a second line
>
> access-list 101 permit ip any any
>
> to allow all traffic not blocked by the first line to flow.
>
> Thirdly, I'm guessing that this hasn't yet blocked any traffic,
> because although you've defined an access list, you haven't yet
> attached it to a port and direction. You need to add
>
> ip access-group 101 in
>
> to the configuration of your WAN/Internet interface.
>
> David Gillett
>
>
> > -----Original Message-----
> > From: Carlos Garcia [mailto:carlosg@cabonet.net.mx]
> > Sent: Thursday, November 25, 2004 6:41 PM
> > To: Agarwal, Ankur; security-basics@securityfocus.com
> > Subject: Re: deny access
> >
> >
> > ok i just write
> > access-list 101 deny ip host 216.212.33.185 any is this ok?
> > i put too
> > access-list 101 deny ip 216.212.33.185 255.255.255.255 any...
> > and can somebody tell me how to improve this, i run some
> servers and i
> > want to protec them mail, web,dns,proxy's where can i find
> a list so
> > that it helps me how to configure the router to support QoS
> i need it
> > for VoIP service??? thanks for all the help
> >
> > Atte.
> > Carlos A. Garcia G.
> > Cabonet Staff
> > Tel (624) 14 30120
> >
> >
> > ----- Original Message -----
> > From: "Agarwal, Ankur" <Ankur.Agarwal@colt-telecom.com>
> > To: "'Carlos Garcia'" <carlosg@cabonet.net.mx>;
> > <security-basics@securityfocus.com>
> > Sent: Thursday, November 25, 2004 7:17 PM
> > Subject: RE: deny access
> >
> >
> > > HI
> > > Simply create an deny access list to block this IP.
> > >
> > > Access-list 101 deny ip source ip destination ip
> > >
> > >
> > >
> > > Thanks & Regards,
> > >
> > > ___________________________________________________
> > > Ankur Agarwal
> > >
> > >
> > >
> > > One Dial : 8-911-7428
> > > Tel : +91 124 5157000 (Ext. 2272)
> > > *Cell : +91 9810702016
> > >
> > >
> > >
> > > COLT India
> > > ankur.agarwal@colt-telecom.com
> > >
> > > ___________________________________________________
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Carlos Garcia [mailto:carlosg@cabonet.net.mx]
> > > Sent: 25 November 2004 04:58
> > > To: security-basics@securityfocus.com
> > > Subject: deny access
> > >
> > >
> > > newbie question how can i block this ip 216.212.33.185 i
> > have a cisco 7200
> > > this ip is trying to send mail with my server, i did not
> > configure the
> > > router so i dont know how to do this any help?
> > >
> > >
> > > Atte.
> > > Carlos A. Garcia G.
> > > Cabonet Staff
> > > Tel (624) 14 30120
> > >
> > >
> > >
> > >
> > **************************************************************
> > ***********************
> > > The message is intended for the named addressee only and
> may not be
> > > disclosed to or used by anyone else, nor may it be copied
> > in any way.
> > >
> > > The contents of this message and its attachments are
> > confidential and may
> > > also be subject to legal privilege. If you are not the
> > named addressee
> > > and/or have received this message in error, please advise
> > us by e-mailing
> > > security@colt.net and delete the message and any
> > attachments without
> > > retaining any copies.
> > >
> > > Internet communications are not secure and COLT does not accept
> > > responsibility for this message, its contents nor
> > responsibility for any
> > > viruses.
> > >
> > > No contracts can be created or varied on behalf of COLT
> > > Telecommunications, its subsidiaries or affiliates ("COLT")
> > and any other
> > > party by email Communications unless expressly agreed in
> > writing with such
> > > other party.
> > >
> > > Please note that incoming emails will be automatically scanned to
> > > eliminate potential viruses and unsolicited promotional
> > emails. For more
> > > information refer to www.colt.net or contact us on +44(0)20
> > 7390 3900.
> > >
> > >
> >
>

Next message: Beauford, Jason: "RE: Windows Messenger Pop-up spam"

Previous message: Shawn Wall: "RE: pcAnywhere question"
Maybe reply: David Gillett: "RE: deny access"
Maybe reply: James McGee: "RE: deny access"
Maybe reply: Paris E. Stone: "RE: deny access"
Maybe reply: Tran, Nhon: "RE: deny access"
Maybe reply: Richard Windmann: "RE: deny access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

block ports out to internet but not out over site-to-site tunnel
... I am trying to block certain ports ... and mapped network drives) How can I accomplish this on the PIX alone, ... access-list inside_access_in permit icmp any any ... access-group outside_access_in in interface outside ...
(comp.dcom.sys.cisco)
Re: Denying Users access to Instant Messenger
... Yes close ports 5190 and 1863 on all interfaces if you are using RRAS you ... can deny access in and out on these ports. ... > users from being able to connect to MSN Messenger and AOL ...
(microsoft.public.inetserver.iis.security)
Re: Kerio pops up warning when Im typing, risks allowing connection
... As for stopping the popup queries, you could add a rule to default deny access to all (ports, addresses, programs) as a last rule after whatever rules list you have setup already. ...
(comp.security.firewalls)