[c-nsp] bcp on edge filtering & udp

matthew zeier mrz at velvet.org
Tue Jul 1 12:40:40 EDT 2008


I keep seeing stuff with a udp src or dst port of 0.  Anyone else see 
that in the wild?

Michael Smith wrote:
> Hey Matt:
> 
> 
>> From: matthew zeier <mrz at velvet.org>
>> Date: Mon, 30 Jun 2008 13:32:06 -0700
>> To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
>> Subject: [c-nsp] bcp on edge filtering & udp
>>
>> Trying to find a pre-built set of ACLs for filtering bogus inbound udp,
>> if one already exists, otherwise I'll have to build my own :)
> 
> Here's a good start.
> 
> access-list 199 deny   udp any any eq 135
> access-list 199 deny   udp any any eq 137
> access-list 199 deny   udp any any eq 138
> access-list 199 deny   udp any any eq 139
> access-list 199 deny   udp any any eq 445
> access-list 199 deny   udp any any eq 4899
> access-list 199 deny   udp any any eq 1434
> access-list 199 deny   udp any any eq 194
> access-list 199 deny   udp any any eq 529
> access-list 199 deny   udp any any eq 994
> access-list 199 deny   udp any any eq 69
> access-list 199 deny   udp any any range 6666 6669
> 
> Regards,
> 
> Mike
> 
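
An added example, not part of either poster's message: a small Python model of how the posted access-list 199 treats UDP packets, assuming standard extended-ACL behaviour (first match wins, implicit deny at the end). The function names and sample packets are constructed for illustration.

```python
import re

# ACL 199 exactly as posted in the quoted reply above.
ACL_199 = """\
access-list 199 deny   udp any any eq 135
access-list 199 deny   udp any any eq 137
access-list 199 deny   udp any any eq 138
access-list 199 deny   udp any any eq 139
access-list 199 deny   udp any any eq 445
access-list 199 deny   udp any any eq 4899
access-list 199 deny   udp any any eq 1434
access-list 199 deny   udp any any eq 194
access-list 199 deny   udp any any eq 529
access-list 199 deny   udp any any eq 994
access-list 199 deny   udp any any eq 69
access-list 199 deny   udp any any range 6666 6669
"""

RULE = re.compile(r"access-list\s+\d+\s+(permit|deny)\s+udp\s+any\s+any"
                  r"(?:\s+eq\s+(\d+)|\s+range\s+(\d+)\s+(\d+))?\s*$")

def parse_acl(text):
    """Return [(action, lo, hi)] destination-port rules in list order."""
    rules = []
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if m:
            action, eq, lo, hi = m.groups()
            # bare "udp any any" (no port clause) matches every port
            lo, hi = (eq, eq) if eq else (lo or 0, hi or 65535)
            rules.append((action, int(lo), int(hi)))
    return rules

def evaluate(rules, src_port, dst_port):
    """Posted entries test only dst_port; first match wins, else implicit deny."""
    for action, lo, hi in rules:
        if lo <= dst_port <= hi:
            return action
    return "implicit-deny"

def has_port_zero(src_port, dst_port):
    """Flag the src/dst port 0 traffic asked about in the top post."""
    return src_port == 0 or dst_port == 0

if __name__ == "__main__":
    rules = parse_acl(ACL_199)
    # Constructed sample packets: (src_port, dst_port)
    for pkt in [(40000, 1434), (137, 40000), (0, 53), (53, 0), (40000, 6667)]:
        print(pkt, evaluate(rules, *pkt), "port0" if has_port_zero(*pkt) else "")
```

With the list exactly as posted, any packet that misses the twelve deny entries hits the implicit deny; once a permit entry is appended, the remaining traffic passes, including packets with port 0, which the posted entries do not match.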

