Auto ACL blocker
Thomas Magill
tmagill at providecommerce.com
Tue Jan 18 23:48:45 UTC 2011
Also, have you considered just using the spamhaus DROP list? They even have code to have the list pushed to IOS available. You could simply substitute your file for their list if you only want to use IPs caught by your honeypot.
http://www.spamhaus.org/faq/answers.lasso?section=DROP%20FAQ
-----Original Message-----
From: Brian R. Watters [mailto:brwatters at absfoc.com]
Sent: Tuesday, January 18, 2011 11:12 AM
To: nanog at nanog.org
Subject: Auto ACL blocker
We are looking for the following solution.
Honey pot that collects attacks against SSH/FTP and so on
Said attacks are then sent to a master ACL on a edge Cisco router to block all traffic from these offenders ..
Of course we would require a master whitelist as well as to not be blocked from our own networks.
Any current solutions or ideas ??
--
BRW
More information about the NANOG
mailing list