I keep seeing stuff with a udp src or dst port of 0. Anyone else see
that in the wild?
Michael Smith wrote:
Hey Matt:
From: matthew zeier <[EMAIL PROTECTED]>
Date: Mon, 30 Jun 2008 13:32:06 -0700
To: "cisco-nsp@puck.nether.net" <cisco-nsp@puck.nether.net>
Subject: [c-nsp] bcp on edge filtering & udp
Trying to find a pre-built set of ACLs for filtering bogus inbound udp,
if one already exists, otherwise I'll have to build my own :)
Here's a good start.
access-list 199 deny udp any any eq 135
access-list 199 deny udp any any eq 137
access-list 199 deny udp any any eq 138
access-list 199 deny udp any any eq 139
access-list 199 deny udp any any eq 445
access-list 199 deny udp any any eq 4899
access-list 199 deny udp any any eq 1434
access-list 199 deny udp any any eq 194
access-list 199 deny udp any any eq 529
access-list 199 deny udp any any eq 994
access-list 199 deny udp any any eq 69
access-list 199 deny udp any any range 6666 6669
Regards,
Mike
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
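
An added example, not part of the thread or any poster's configuration: a first-match evaluator in Python run over ACL 199 as posted above. It shows which entry a given UDP destination port hits, that unmatched traffic falls to the implicit deny unless a permit entry follows, and that port 0 is not covered by the posted entries. Assumptions: `PERMIT_REST`, the function names and the sample ports are constructed here, and only the destination port is modelled because that is what the posted entries match on.

```python
import re

# ACL 199 exactly as posted in the message above.
ACL_199 = """\
access-list 199 deny udp any any eq 135
access-list 199 deny udp any any eq 137
access-list 199 deny udp any any eq 138
access-list 199 deny udp any any eq 139
access-list 199 deny udp any any eq 445
access-list 199 deny udp any any eq 4899
access-list 199 deny udp any any eq 1434
access-list 199 deny udp any any eq 194
access-list 199 deny udp any any eq 529
access-list 199 deny udp any any eq 994
access-list 199 deny udp any any eq 69
access-list 199 deny udp any any range 6666 6669
"""
# Constructed addition (not from the thread): a trailing permit entry.
PERMIT_REST = "access-list 199 permit ip any any\n"

LINE_RE = re.compile(
    r"access-list\s+\d+\s+(permit|deny)\s+(\w+)\s+any\s+any"
    r"(?:\s+eq\s+(\d+)|\s+range\s+(\d+)\s+(\d+))?\s*$")

def parse_acl(text):
    """Parse 'any any' extended ACL lines into (action, proto, lo, hi)."""
    rules = []
    for line in text.strip().splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unsupported ACL line: {line!r}")
        action, proto, eq, lo, hi = m.groups()
        if eq is not None:
            lo = hi = eq              # 'eq N' is the one-port range N..N
        elif lo is None:
            lo, hi = 0, 65535         # no port qualifier: every port
        rules.append((action, proto, int(lo), int(hi)))
    return rules

def evaluate(rules, proto, dst_port):
    """First match wins; a packet matching no entry hits the implicit deny."""
    for n, (action, rproto, lo, hi) in enumerate(rules, 1):
        if rproto in (proto, "ip") and lo <= dst_port <= hi:
            return action, f"entry {n}"
    return "deny", "implicit deny"

if __name__ == "__main__":
    for acl in (ACL_199, ACL_199 + PERMIT_REST):
        print([evaluate(parse_acl(acl), "udp", p) for p in (1434, 53, 0)])
```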