[c-nsp] ISP - unwanted traffic

Roman A. Nozdrin drrtuy at ya.ru
Wed Jun 2 15:16:25 EDT 2010


Hi there
> I'm facing a issue and stuck on a thought process , would appreciate if some
> 
> way you guys can show with your experience in industry -
> 
> ISSUE ----
> 
> user X spoofs IP ADDRESS OF ISP-A and sends traffic out to internet...
> now when traffic is comming back via ISP-A... I want to block such traffic
> which is not orignating from my ISP...
> but catch here is ---- filtering is to be done in ISP ...so putiing acl for
> each users and ports is not scallable.....
> Please help with any way out ...
> Thanks and Regards

You may use traffic blackholing in case of unused ip addresses with some 
kind of statefull firewalling(despite scalability contraints) for used 
ip addresses.

> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 



More information about the cisco-nsp mailing list