class-map match-any UnwantedTraffic
description Traffic we drop right away
match protocol http url "*.ida*"
match protocol http url "*cmd.exe*"
match protocol http url "*root.exe*"
match protocol http url "*readme.eml*"
match protocol http url "*httpdodbc.dll*"
match protocol http url "*Admin.dll*"
!
policy-map Trash
class UnwantedTraffic
set ip dscp 1
!
Interface x
service-policy input Trash
ip policy route-map null_policy_route
!
access-list 104 permit ip any any dscp 1
!
route-map null_policy_route permit 10
match ip address 104
set interface Null0
!
-----Original Message-----
From: Tejal Shah [mailto:tejal.shah@surat.iqara.net]
Sent: Wednesday, January 09, 2002 5:02 AM
To: cisco-nsp@puck.nether.net
Subject: [nsp] How to block Nimda in PIX or router
Hi all,
How to block Nimda from router or in PIX????
with regards
Tejal
Go To http://www.iqara.net
Get to know us
http://www.thestar.com - Canada's largest daily newspaper online
http://www.toronto.com - All you need to know about T.O.
http://www.workopolis.com - Canada's biggest job site
http://www.torontostartv.com - Webcasting & Production
http://www.newinhomes.com - Ontario's Largest New Home & Condo Website
http://www.waymoresports.com - Canada's most comprehensive sports site
http://www.tmgtv.ca - Hometown Television
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:59 EDT