Auto ACL blocker

ML ml at
Tue Jan 18 18:27:42 CST 2011

On 1/18/2011 6:48 PM, Thomas Magill wrote:
> Also, have you considered just using the spamhaus DROP list?  They even have code to have the list pushed to IOS available.  You could simply substitute your file for their list if you only want to use IPs caught by your honeypot.

I know Spamhaus doesn't offer a BGP feed of the DROP list.  Has anyone 
made a homegrown solution?

There is a PHP script that pull the DROP list and make a Cisco ACL or 
IPtables rules.

More information about the NANOG mailing list