Auto ACL blocker

Brian R. Watters brwatters at
Tue Jan 18 14:01:27 CST 2011


I am sure any solution given enough time could be used against you, However my hope was that a whitelist could help in that regard however I know your correct.

----- Original Message -----
From: "Ronald Bonica" <rbonica at>
To: "Brian R. Watters" <brwatters at>, nanog at
Sent: Tuesday, January 18, 2011 11:55:28 AM
Subject: RE: Auto ACL blocker


Have you thought about what a bad guy might do if he knew that you had such a policy deployed? Is there a way that the bad guy might turn the policy against you?


> -----Original Message-----
> From: Brian R. Watters [mailto:brwatters at]
> Sent: Tuesday, January 18, 2011 2:12 PM
> To: nanog at
> Subject: Auto ACL blocker
> We are looking for the following solution.
> Honey pot that collects attacks against SSH/FTP and so on
> Said attacks are then sent to a master ACL on a edge Cisco router to
> block all traffic from these offenders ..
> Of course we would require a master whitelist as well as to not be
> blocked from our own networks.
> Any current solutions or ideas ??
> --


Brian R. Watters 
American Broadband Family of Companies 
5718 East Shields Ave 
Fresno, CA. 93727 
brwatters at 
tel: 559-420-0205 
toll free: 866-827-4638 

ABS offers T-1's starting at $289 in over 450 cities. Is your city on the list? Click here to find out. 

This message and any attachment(s) are solely for the use of intended recipients. They may contain privileged and/or confidential information legally protected from disclosure. If you are not the intended recipient, you are hereby notified that you received this e-mail in error and that any review, dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. If you have received this e-mail in error, please contact the sender and delete the message and any attachment(s) from your system. Thank you for your cooperation. 

More information about the NANOG mailing list