Nimba Question.

Gyorfy, Shawn sgyorfy at
Thu Nov 1 17:12:07 UTC 2001

Hey what's going on?
Question for you all.  We are a BLEC, we give each building a T1 and router
and back haul the circuit to our NOC were we distribute the packets to our
service providers.  The problem I see, some of our clients in the building,
there computers are infected with the NIMBA virus / Code Red.  I get emailed
from firewall administrators about the possible port scan, and then I
disconnect the customer until he updates his servers and cleans them.  I was
wondering if I can do anything on my end to prevent the Nimba going out on
my end.  I have been reading about Cisco's NBAR feature with class maps but
I don't want to put that on the core because it will kill the box (Cisco 10K
ESR, (2) 7507, (2) 7206).  Plus cisco stated that it can only hand 24
concurrent web hits. So that's out.  I was also thinking about putting that
on the building routers but 75% aren't Cisco, they are Lucent Access Points.
Any suggestions would be appreciated.  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the NANOG mailing list