There is an interesting thread coming through on NANOG ( www.nanog.org )
regarding a suspected DDoS buildup. The following in one message I thought
might be of interest to us Cisco aficionados.

BTW - there is reportedly an extreme increase in port scans and hack
attempts over port 139 ( quick - what services are available via port 139,
and why should you be concerned? ) There are also reports of a particular
virus being placed on machines that have been compromised via port 139.

Watching the NANOG list, and this thread in particular, has been quite
educational for me. It would seem that there are a number of sharp folks who
devote a LOT of time and effort to making the internet safe for all of us.

Chuck

-----Original Message-----
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Segal, Mark
Sent:   Thursday, September 28, 2000 1:16 PM
To:     'James A. T. Rice'; [EMAIL PROTECTED]
Subject:        RE: CEF RPF check w/ACLs (was: Re: netscan.org update)


What a novel idea.. :).  That would put all my expect programmers out of
business though.. oh well.
If there are any Cisco folks listening..  This just makes sense.
Mark
--

> -----Original Message-----
> From: James A. T. Rice [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 9:49 AM
> To:   [EMAIL PROTECTED]
> Subject:      Re: CEF RPF check w/ACLs (was: Re: netscan.org update)
>
>
>
> Wow, I wonder what Cisco would do with my wish list:
>
>
> ip verify unicast reverse-exists
>
> i.e. only accept the packet on this interface if there is a route back to
> the source, *not necessarily on the same interface*..
> This should be safe to use on all interfaces and could use the existing
> CEF FIB, and might catch a lot of spoofed packets on a good day.
>
>
> ip verify unicast destination-advertised
>
> This would check the destination address on any packet coming into an
> interface, and drop it if a route to that destination WASN'T advertised out
> of that interface - /ideal/ for NAPs & IX's. Couldn't use the existing CEF
> tables, Cisco would need to write an advertised-table for each
> interface. Again this should be safe to use on almost any interface.
>
>
> Regards
> James
>
>
> On Mon, 25 Sep 2000, Tony Tauber wrote:
>
> > I was the one who asked for something like it and a friendly
> > developer coded it up nice and quickly.
>
>
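
The two checks on James's wish list, next to the same-interface RPF check he contrasts them with, as an added sketch that is not part of the original thread and is not Cisco code. The FIB, the advertised table, the interface names and the packets are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample tables (hypothetical interfaces, documentation prefixes).
FIB = {  # prefix -> interface the best route points out of
    "198.51.100.0/24": "Serial0",
    "203.0.113.0/24": "Serial1",
}
ADVERTISED = {  # interface -> prefixes announced to neighbours on it
    "Ethernet0": ["198.51.100.0/24"],
}

def longest_match(addr, prefixes):
    """Return the most specific prefix containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    hits = [p for p in prefixes if ip in ipaddress.ip_network(p)]
    return max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen, default=None)

def strict_rpf(src, in_if):
    """Same-interface check: the route back to src must point out of in_if."""
    best = longest_match(src, FIB)
    return best is not None and FIB[best] == in_if

def reverse_exists(src):
    """Wish-list check 1: any route back to src, on any interface."""
    return longest_match(src, FIB) is not None

def destination_advertised(dst, in_if):
    """Wish-list check 2: dst must fall in a prefix advertised out of in_if."""
    return longest_match(dst, ADVERTISED.get(in_if, [])) is not None

def classify(src, dst, in_if):
    """Run all three checks on one packet; True means the check accepts it."""
    return {
        "strict_rpf": strict_rpf(src, in_if),
        "reverse_exists": reverse_exists(src),
        "destination_advertised": destination_advertised(dst, in_if),
    }

if __name__ == "__main__":
    # Constructed packets: (source, destination, arrival interface)
    for pkt in [("203.0.113.5", "198.51.100.9", "Serial0"),    # asymmetric return path
                ("10.1.1.1", "198.51.100.9", "Serial0"),       # source with no route back
                ("203.0.113.5", "203.0.113.77", "Ethernet0")]: # dst never advertised here
        print(pkt, classify(*pkt))
```

The first packet shows why the looser check is safe on multihomed links: the same-interface test drops it, while reverse_exists accepts it. If the FIB holds a default route (0.0.0.0/0), reverse_exists accepts every source, so the check only filters on routers without one.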

