On Feb 11, 2008, at 10:05 PM, Christian Koch wrote:
> would using "shun" suffice until I can deploy RTBH at
> every site, or would it impose unneeded complication?
You'll have to determine that - I'd suggest doing everything possible
to get S/RTBH (source-based, not just destination-based) dep
Thanks Jeff - good to know
On Feb 11, 2008 10:01 AM, Jeff Kell <[EMAIL PROTECTED]> wrote:
> Brandon Price wrote:
> > Used it many times for keeping the BOZOS out..
> >
> > Works great!
>
> Two caveats:
>
> (1) It only blocks traffic *sourced* from the IP you shun, and
> (2) In early software ver
Hi Roland, I do have RTBH deployed, but not in every data center YET, so
maybe to rephrase - would using "shun" suffice until I can deploy RTBH at
every site, or would it impose unneeded complication?
On Feb 11, 2008 9:54 AM, Roland Dobbins <[EMAIL PROTECTED]> wrote:
>
> On Feb 11, 2008, at 9:51
Brandon Price wrote:
> Used it many times for keeping the BOZOS out..
>
> Works great!
Two caveats:
(1) It only blocks traffic *sourced* from the IP you shun, and
(2) In early software versions in the 7.x train, a shun does *not*
affect established connections
Jeff
On Feb 11, 2008, at 9:51 PM, Christian Koch wrote:
> Hypothetical situation - customer A calls, please block attacking IP x.x.x.x,
> I'm thinking - do I want to use object groups for "dirty IPs" and add to a
> deny ACL or do I want to just shun it..
S/RTBH would probably be a better opt
On Feb 11, 2008, at 9:16 PM, Christian Koch wrote:
> Are there any reasons NOT to use it?
If you're talking about automagic shunning, it's important to note
that any kind of dynamic shunning mechanism can potentially be
manipulated by attackers in order to cause a DDoS of legitimate
traffi
L PROTECTED] On Behalf Of Christian Koch
> Sent: February 11, 2008 09:16
> To: cisco-nsp@puck.nether.net
> Subject: [c-nsp] Shunning Traffic on ASA's
>
> Does anyone actually use this?
>
> Are there any reasons NOT to use it?
>
> Advantages/Disadvantages of using i
ry 11, 2008 6:16 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Shunning Traffic on ASA's
Does anyone actually use this?
Are there any reasons NOT to use it?
Advantages/Disadvantages of using it?
I've never used it myself, but am wondering if it is a decent quick way
to mitigate
ractical perspective, I can't provide any feedback
as I've never implemented it.
Vijay Ramcharan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Christian Koch
Sent: February 11, 2008 09:16
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Shunnin
Does anyone actually use this?
Are there any reasons NOT to use it?
Advantages/Disadvantages of using it?
I've never used it myself, but am wondering if it is a decent quick way to
mitigate attacking IPs
Thanks!