access-list 151 deny ip ip.of.id.iot host
-------------^^^ (ALL ip traffic (tcp,udp,icmp) from idiot is dropped.)
This assumes that the router is IOS-based. Those little DSL
thingies are not IOS-based. They run a miniature derivative
called CBOS. Actually, CBOS is a lot more like their current
switch OS.
In CBOS the above is not exactly possible, as it only allows 10 filters
and appears to only prevent or allow one single protocol/port combination
per filter.
Darryl Harvey wrote:
Block it from your Cisco.Sample udp block command for cisco IOS;
access-list 151 deny udp x.x.x.x 0.0.0.127 range netbios-ns netbios-ss any
access-list 151 deny udp x.x.x.x 0.0.0.63 range netbios-ns netbios-ss any
access-list 151 deny udp x.x.x.x 0.0.0.63 range netbios-ns netbios-ss anyRgds,
DarrylAt 04:14 PM 26/04/2000, you wrote:
>Hello:
>
>Can someone point me towards some good documentation on portsentry.
>
>I have a attack reported by portsentry on my tcp port 79. I blocked this IP
>address, (219.109.142.99) via my cisco router using the access-deny for tcp
>but now the @#&tard is sending me udp packets every second to port 7,
>(echo) with some kind of script that is now filling my /var/log/messages
>very quickly with portsentry attack alerts. I assume he got pissed that I
>blocked his tcp access via my router. I am not familiar enough with the IOS
>software package that comes with the router to block udp packets from
>him/her. If I can't stop him with Portsentry I guess I will have to read up
>on the cisco software but I thought I could use Portsentry to put an end to
>this in some way but really need to read on how to configure it properly.
>Any help would be appreciated.
>
>Thanks in Advance,
>
>Eddie Strohmier
>Bonwell Globalnet
>www.bonwell.com--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
-- ------------------------------------- Sam Bayne - System Administrator North Seattle Community College [EMAIL PROTECTED] (206)527-3762 =====================================
