[c-nsp] bcp on edge filtering & udp
Michael Smith
mksmith at adhost.com
Tue Jul 1 01:34:43 EDT 2008
Hey Matt:
> From: matthew zeier <mrz at velvet.org>
> Date: Mon, 30 Jun 2008 13:32:06 -0700
> To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
> Subject: [c-nsp] bcp on edge filtering & udp
>
> Trying to find a pre-build set of ACLs for filtering bogus inbound udp,
> if one already exists, otherwise I'll have to build my own :)
Here's a good start.
access-list 199 deny udp any any eq 135
access-list 199 deny udp any any eq 137
access-list 199 deny udp any any eq 138
access-list 199 deny udp any any eq 139
access-list 199 deny udp any any eq 445
access-list 199 deny udp any any eq 4899
access-list 199 deny udp any any eq 1434
access-list 199 deny udp any any eq 194
access-list 199 deny udp any any eq 529
access-list 199 deny udp any any eq 994
access-list 199 deny udp any any eq 69
access-list 199 deny udp any any range 6666 6669
Regards,
Mike
More information about the cisco-nsp
mailing list