[c-nsp] Shunning Traffic on ASA's
Roland Dobbins
rdobbins at cisco.com
Mon Feb 11 09:54:52 EST 2008
On Feb 11, 2008, at 9:51 PM, Christian Koch wrote:
> Hypothetical situation - customer A calls, please block attacking ip
> x.x.x.x,
> im thinking - do i want to use objects groups for "dirty ip's" and
> add to a
> deny ACL or do i want to just shun it..
S/RTBH would probably be a better option for this, on your edge routers.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // +66.83.266.6344 mobile
If you don't know what to do, it's harder to do it.
-- Malcom Forbes
More information about the cisco-nsp
mailing list