[135212] in North American Network Operators' Group


Re: Auto ACL blocker

daemon@ATHENA.MIT.EDU (Larry Smith)
Tue Jan 18 14:36:10 2011

From: Larry Smith <lesmith@ecsis.net>
To: nanog@nanog.org
Date: Tue, 18 Jan 2011 13:31:30 -0600
In-Reply-To: <29286818.215.1295377932987.JavaMail.root@mail.absfoc.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Tue January 18 2011 13:12, Brian R. Watters wrote:
> We are looking for the following solution.
>
> Honey pot that collects attacks against SSH/FTP and so on
>
> Said attacks are then sent to a master ACL on an edge Cisco router to block
> all traffic from these offenders ..
>
> Of course we would require a master whitelist as well as to not be blocked
> from our own networks.
>
> Any current solutions or ideas ??

Private BGP session with Zebra or Quagga on a Linux box
adding the selected IP to a null route.

-- 
Larry Smith
lesmith@ecsis.net
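
The pipeline discussed in this thread (honeypot hits, checked against a whitelist, turned into null routes on the Quagga box), sketched as an added example that is not code from either poster. It assumes IPv4 only and that bgpd on that box redistributes static routes over the private BGP session; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample data (documentation address ranges, not real offenders).
WHITELIST = ["192.0.2.0/24", "198.51.100.10/32"]
HONEYPOT_HITS = ["203.0.113.7", "192.0.2.55", "203.0.113.7",
                 "198.51.100.10", "not-an-ip", "203.0.113.200"]


def plan_null_routes(offenders, whitelist):
    """Return sorted, de-duplicated /32 prefixes that are safe to null-route."""
    allowed = [ipaddress.ip_network(n, strict=False) for n in whitelist]
    blocked = set()
    for raw in offenders:
        try:
            addr = ipaddress.IPv4Address(raw.strip())
        except ValueError:
            continue  # malformed honeypot output must never reach the router
        if any(addr in net for net in allowed):
            continue  # never blackhole our own networks
        blocked.add(addr)
    return [f"{a}/32" for a in sorted(blocked)]


def vtysh_commands(prefixes):
    """Render one vtysh invocation per prefix (static route to null0)."""
    return [f"vtysh -c 'configure terminal' -c 'ip route {p} null0'"
            for p in prefixes]


if __name__ == "__main__":
    # Print the commands for review instead of executing them.
    for cmd in vtysh_commands(plan_null_routes(HONEYPOT_HITS, WHITELIST)):
        print(cmd)
```

The commands are printed for review, so an operator can diff them against the current route table before anything is applied.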

