RE: [nsp] How to block Nimda in PIX or router

From: isamar@isamarmaia.org
Date: Thu Jan 10 2002 - 04:50:02 EST


can I do it in a 3600 router?

On Wed, 9 Jan 2002, Grace, Terry wrote:

> class-map match-any UnwantedTraffic
> description Traffic we drop right away
> match protocol http url "*.ida*"
> match protocol http url "*cmd.exe*"
> match protocol http url "*root.exe*"
> match protocol http url "*readme.eml*"
> match protocol http url "*httpdodbc.dll*"
> match protocol http url "*Admin.dll*"
> !
> policy-map Trash
> class UnwantedTraffic
> set ip dscp 1
> !
> Interface x
> service-policy input Trash
> ip policy route-map null_policy_route
> !
> access-list 104 permit ip any any dscp 1
> !
> route-map null_policy_route permit 10
> match ip address 104
> set interface Null0
> !
> -----Original Message-----
> From: Tejal Shah [mailto:tejal.shah@surat.iqara.net]
> Sent: Wednesday, January 09, 2002 5:02 AM
> To: cisco-nsp@puck.nether.net
> Subject: [nsp] How to block Nimda in PIX or router
>
>
> Hi all,
>
> How to block Nimda from router or in PIX????
>
>
> with regards
> Tejal
>
>
> Go To http://www.iqara.net
>



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:28 EDT