[c-nsp] bcp on edge filtering & udp
Whisper
whisper555 at gmail.com
Tue Jul 1 23:59:46 EDT 2008
access-list 199 permit tcp any any
access-list 199 permit icmp any any
:)
On Tue, Jul 1, 2008 at 3:34 PM, Michael Smith <mksmith at adhost.com> wrote:
> Hey Matt:
>
>
> > From: matthew zeier <mrz at velvet.org>
> > Date: Mon, 30 Jun 2008 13:32:06 -0700
> > To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
> > Subject: [c-nsp] bcp on edge filtering & udp
> >
> > Trying to find a pre-build set of ACLs for filtering bogus inbound udp,
> > if one already exists, otherwise I'll have to build my own :)
>
> Here's a good start.
>
> access-list 199 deny udp any any eq 135
> access-list 199 deny udp any any eq 137
> access-list 199 deny udp any any eq 138
> access-list 199 deny udp any any eq 139
> access-list 199 deny udp any any eq 445
> access-list 199 deny udp any any eq 4899
> access-list 199 deny udp any any eq 1434
> access-list 199 deny udp any any eq 194
> access-list 199 deny udp any any eq 529
> access-list 199 deny udp any any eq 994
> access-list 199 deny udp any any eq 69
> access-list 199 deny udp any any range 6666 6669
>
> Regards,
>
> Mike
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list