[c-nsp] Match BGP in ACL
james edwards
hackerwacker at cybermesa.com
Thu Jul 29 18:55:25 EDT 2004
I would just block all IP packets from reaching that interface, if it is
possible,
except for the peering session. BGP sessions can be taken down by a DoS
on any port or protocol. Who really needs to be able to contact this
interface,
directly ?
--
James H. Edwards
Routing and Security Administrator
At the Santa Fe Office: Internet at Cyber Mesa
jamesh at cybermesa.com
noc at cybermesa.com
(505) 795-7101
More information about the cisco-nsp
mailing list