[44457] in North American Network Operators' Group
Re: ACLs / Filter Lists - Best Practices
daemon@ATHENA.MIT.EDU (E.B. Dreger)
Tue Nov 27 20:33:30 2001
Date: Wed, 28 Nov 2001 01:32:58 +0000 (GMT)
From: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>
To: John McBrayne <mcbrayne@caspiannetworks.com>
Cc: nanog@merit.edu
In-Reply-To: <3C0423AE.BAE18582@caspiannetworks.com>
Message-ID: <Pine.LNX.4.20.0111280131200.7631-100000@www.everquick.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
> Date: Tue, 27 Nov 2001 15:37:18 -0800
> From: John McBrayne <mcbrayne@caspiannetworks.com>
> Is anyone aware of any current "best practices" related to the
> recommended set of filtering rules (Cisco ACL lists or Juniper filter
> sets) for reasons of Security, statistics collection, DoS attack
> analysis/prevention, etc.? I'm curious to see if there are any such
> recommendations for Tier 1/Tier 2 backbone routers, peering points,
> etc., as opposed to CPE terminations or Enterprise/LAN equipment
> recommendations.
>
> Actual config file examples would be great, if they exist.
_Rob's Articles Collection_ makes a great start:
http://www.cymru.com/~robt/Docs/Articles/
Have fun.
HTH,
Eddy
---------------------------------------------------------------------------
Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
---------------------------------------------------------------------------
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@brics.com>
To: blacklist@brics.com
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots. Do NOT
send mail to <blacklist@brics.com>, or you are likely to be blocked.
