[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Auto ACL blocker

Subject: Auto ACL blocker
From: gbonser at seven.com (George Bonser)
Date: Tue, 18 Jan 2011 13:21:46 -0800
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>



> From: Brian R. Watters 
> Sent: Tuesday, January 18, 2011 1:14 PM
> To: Dorn Hetzel
> Cc: nanog at nanog.org
> Subject: Re: Auto ACL blocker
> 
> Agreed, time to live in the ACL is critical as well .. this is primary
> to be used to stop sweeps and penetration testing .. We have SNORT
> deployed now but the process is still manual on the back end and of
> course does not respond in the time required.

I suppose you could use tcp wrappers to be creative and launch netcat to "bend" the connection right back to the originator so they spend all their time hacking themselves.

References:
- Auto ACL blocker
  - From: brwatters at absfoc.com (Brian R. Watters)

Prev by Date: Dual Homed BGP for failover
Next by Date: Dual Homed BGP for failover
Previous by thread: Auto ACL blocker
Next by thread: Authentication using Microsoft 2008 Active directory for Cisco RADIUS login
Index(es):
- Date
- Thread