RE: [nsp] How to block Nimda in PIX or router

From: Grace, Terry (tgrace@thestar.ca)
Date: Wed Jan 09 2002 - 08:41:40 EST


class-map match-any UnwantedTraffic
  description Traffic we drop right away
  match protocol http url "*.ida*"
  match protocol http url "*cmd.exe*"
  match protocol http url "*root.exe*"
  match protocol http url "*readme.eml*"
  match protocol http url "*httpdodbc.dll*"
  match protocol http url "*Admin.dll*"
!
policy-map Trash
  class UnwantedTraffic
    set ip dscp 1
!
Interface x
 service-policy input Trash
 ip policy route-map null_policy_route
!
access-list 104 permit ip any any dscp 1
!
route-map null_policy_route permit 10
 match ip address 104
 set interface Null0
!
-----Original Message-----
From: Tejal Shah [mailto:tejal.shah@surat.iqara.net]
Sent: Wednesday, January 09, 2002 5:02 AM
To: cisco-nsp@puck.nether.net
Subject: [nsp] How to block Nimda in PIX or router

Hi all,

     How to block Nimda from router or in PIX????

with regards
Tejal

Go To http://www.iqara.net

Get to know us
http://www.thestar.com - Canada's largest daily newspaper online
http://www.toronto.com - All you need to know about T.O.
http://www.workopolis.com - Canada's biggest job site
http://www.torontostartv.com - Webcasting & Production
http://www.newinhomes.com - Ontario's Largest New Home & Condo Website
http://www.waymoresports.com - Canada's most comprehensive sports site
http://www.tmgtv.ca - Hometown Television



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:59 EDT