RE: [nsp] How to block Nimda in PIX or router

From: isamar@isamarmaia.org
Date: Thu Jan 17 2002 - 04:28:29 EST


It cleans only HTTP traffic, right?
I have a big problem, actually. I have a big network with a
central Cisco Switch 2948. Nimda has spread through the whole network.
How do I filter this internal network traffic to stop Nimda dissemination
through disk sharing?

> class-map match-any UnwantedTraffic
> description Traffic we drop right away
> match protocol http url "*.ida*"
> match protocol http url "*cmd.exe*"
> match protocol http url "*root.exe*"
> match protocol http url "*readme.eml*"
> match protocol http url "*httpdodbc.dll*"
> match protocol http url "*Admin.dll*"
> !
> policy-map Trash
> class UnwantedTraffic
> set ip dscp 1
> !
> Interface x
> service-policy input Trash
> ip policy route-map null_policy_route
> !
> access-list 104 permit ip any any dscp 1
> !
> route-map null_policy_route permit 10
> match ip address 104
> set interface Null0
> !
> -----Original Message-----
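
Added example, not part of the original post or of the quoted configuration: the six URL globs from the quoted class-map applied to web-server access-log lines, to list which client addresses sent matching requests. The Common Log Format input, the sample lines and the case-sensitive matching are assumptions.

```python
import re
from collections import defaultdict
from fnmatch import fnmatchcase

# URL globs copied from the quoted class-map.
PATTERNS = ["*.ida*", "*cmd.exe*", "*root.exe*", "*readme.eml*",
            "*httpdodbc.dll*", "*Admin.dll*"]

# Common Log Format: client identd user [time] "METHOD URL PROTO" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*"')


def matching_pattern(url):
    """Return the first class-map glob the URL matches, or None.

    Matching is case-sensitive (assumption), so "admin.dll" does not
    match "*Admin.dll*".
    """
    for pat in PATTERNS:
        if fnmatchcase(url, pat):
            return pat
    return None


def hits_by_client(lines):
    """Map client address -> sorted list of globs its requests matched."""
    hits = defaultdict(set)
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a Common Log Format line
        client, _method, url = m.groups()
        pat = matching_pattern(url)
        if pat:
            hits[client].add(pat)
    return {client: sorted(pats) for client, pats in hits.items()}


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [17/Jan/2002:04:00:01 -0500] "GET /scripts/root.exe HTTP/1.0" 404 -',
    '192.0.2.10 - - [17/Jan/2002:04:00:02 -0500] "GET /scripts/cmd.exe HTTP/1.0" 404 -',
    '192.0.2.22 - - [17/Jan/2002:04:00:05 -0500] "GET /default.ida?XXXX HTTP/1.0" 404 -',
    '192.0.2.30 - - [17/Jan/2002:04:00:09 -0500] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.30 - - [17/Jan/2002:04:00:11 -0500] "GET /docs/admin.dll HTTP/1.0" 404 -',
]

if __name__ == "__main__":
    for client, pats in sorted(hits_by_client(SAMPLE).items()):
        print(client, ", ".join(pats))
```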


