[c-nsp] ISP - unwanted traffic
Roman A. Nozdrin
drrtuy at ya.ru
Wed Jun 2 15:16:25 EDT 2010
Hi there
> I'm facing a issue and stuck on a thought process , would appreciate if some
>
> way you guys can show with your experience in industry -
>
> ISSUE ----
>
> user X spoofs IP ADDRESS OF ISP-A and sends traffic out to internet...
> now when traffic is comming back via ISP-A... I want to block such traffic
> which is not orignating from my ISP...
> but catch here is ---- filtering is to be done in ISP ...so putiing acl for
> each users and ports is not scallable.....
> Please help with any way out ...
> Thanks and Regards
You may use traffic blackholing in case of unused ip addresses with some
kind of statefull firewalling(despite scalability contraints) for used
ip addresses.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list