Rob Thomas has a great site with sample configs. He uses the term "Bogon" to refer to IP addresses that are not allocated. Best that you send incoming packets with those addresses to Null0. Also good to filter those addresses should they be coming from your network, which means that someone inside is up to no good or one of your machines has been hijacked.

http://www.cymru.com/Documents/secure-ios-template.html

> -----Original Message-----
> From: Evans, TJ (BearingPoint) [mailto:[EMAIL PROTECTED]
> Sent: Monday, February 24, 2003 12:07 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Network Blackholes. [7:63620]
>
> Blackholing is frequently used to block traffic to known 'bad' addresses, or
> to alleviate a (D)DoS attack victim's woes.
>
> Using ACLs is not the preferred way however - just route traffic to null0
> (use no icmp unreachables too ... )
>
> Google can be your friend!
> Thanks!
> TJ
>
> -----Original Message-----
> From: MADMAN [mailto:[EMAIL PROTECTED]
> Sent: Monday, February 24, 2003 10:19 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Network Blackholes. [7:63620]
>
> AFAIK blackholes in networking have to do with reachability or more
> accurately lack thereof, not something you block via access-lists. I
> suppose you could create blackholes with access-lists though ;)
>
> Dave
>
> Manoj Ghorpade wrote:
> > Hi All,
> > Have a question for all the networking gurus.
> > Can somebody explain to me the concept of network blackholes?
> > Any idea how to block these on the router using access-lists?
> >
> > Regards
> >
> > Manoj Ghorpade.
> --
> David Madland
> CCIE# 2016
> Sr. Network Engineer
> Qwest Communications
> 612-664-3367
>
> "You don't make the poor richer by making the rich poorer." --Winston
> Churchill

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63643&t=63620
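
An added example, not part of the thread or of the linked template: a small Python model of the two mechanisms the posts describe, a Null0 route that discards traffic through longest-prefix match on the destination, and a source-address check against a bogon list. The prefixes, interface names (`inside`, `upstream`) and packets are constructed for illustration; a real bogon list changes over time and has to be kept current.

```python
import ipaddress

# Constructed prefix list (assumption): a few IANA special-purpose ranges that
# usually appear on bogon lists. Real lists change and must be kept current.
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.0.2.0/24", "192.168.0.0/16", "240.0.0.0/4")]

# Constructed routing table (assumption): prefix -> next hop.
# "Null0" is the discard interface; "inside"/"upstream" are made-up names.
ROUTES = [(ipaddress.ip_network(p), hop) for p, hop in (
    ("0.0.0.0/0", "upstream"),
    ("198.51.100.0/24", "inside"),    # our network (documentation range)
    ("198.51.100.66/32", "Null0"),    # one host under attack, blackholed
)] + [(net, "Null0") for net in BOGONS]


def next_hop(dst):
    """Longest-prefix match on the destination, as a router's lookup does."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in ROUTES if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def is_bogon(ip):
    """True if the address falls inside any listed bogon prefix."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in BOGONS)


def handle(src, dst, ingress):
    """Action taken for one packet arriving on interface `ingress`."""
    if is_bogon(src):
        # From inside, a bogon source means spoofing or a hijacked machine.
        return "drop+alert" if ingress == "inside" else "drop"
    hop = next_hop(dst)
    return "discard" if hop == "Null0" else "forward:" + hop


# Constructed packets: (source, destination, ingress interface).
PACKETS = [
    ("203.0.113.9", "198.51.100.10", "upstream"),   # normal inbound
    ("203.0.113.9", "198.51.100.66", "upstream"),   # to the blackholed host
    ("10.1.2.3", "198.51.100.10", "upstream"),      # bogon source from outside
    ("192.168.5.5", "203.0.113.9", "inside"),       # bogon source from inside
    ("198.51.100.10", "10.9.9.9", "inside"),        # bogon destination
]

if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt, "->", handle(*pkt))
```

The /32 route wins over the covering /24 because the lookup picks the longest match, which is why a single victim address can be blackholed without touching the rest of the network.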