Auto ACL blocker

Larry Smith lesmith at
Tue Jan 18 13:31:30 CST 2011

On Tue January 18 2011 13:12, Brian R. Watters wrote:
> We are looking for the following solution.
> Honey pot that collects attacks against SSH/FTP and so on
> Said attacks are then sent to a master ACL on a edge Cisco router to block
> all traffic from these offenders ..
> Of course we would require a master whitelist as well as to not be blocked
> from our own networks.
> Any current solutions or ideas ??

Private BGP session with Zebra or Quagga on a linux box
adding the selected IP to a null route.

Larry Smith
lesmith at

More information about the NANOG mailing list