[c-nsp] access-lists for dial-up users
Birsen Senyüz
BSenyuz at e-kolay.com
Tue Aug 24 07:39:46 EDT 2004
Hello
As you all know many of attacks, port scans etc. originate from dial-up or ADSL users.
I am looking for a methodology/ideas to build an access-list that will permit most of valid traffic but deny malicious activity such as port scans etc.
How can a network administrator limit the access of dial-up or ADSL users, to prevent them from randomly scanning Internet, or doing any other damage.
(For example it is unlikely for a dial-up client to host a web page on his side, so it seems a good idea to block port 80 to client side)
I would welcome any suggestions.
Thanks in advance,
Birsen
More information about the cisco-nsp
mailing list