Or as a simple solution, put a route for his IP address to Null0.
His return traffic will never make it. This will not stop a denial of
service, but it will stop any return traffic like port scans and such.
This machine will effectively disappear to him...

Thanks

Larry 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 2:19 AM
To: [EMAIL PROTECTED]
Subject: Re: IOS Firewall Feature Set -Blocking Attacks [7:40141]


Hi,

You can configure a simple inbound access-list on the outside interface
of your router to deny inbound connections from the specific host to the web
server.
The other way is to enable "ip audit" on the router and specify reset as
the action.

Kind Regards /Thangavel
From: "Clayton Dukes"
Sent by: nobody@groupstudy.com
Date: 02/04/2002 06:44
To: [EMAIL PROTECTED]
Subject: IOS Firewall Feature Set -Blocking Attacks [7:40141]
Please respond to "Clayton Dukes"

Hi everyone,

I have a specific IP address that constantly tries to attack my webserver.
How can I block that IP address while allowing all others through?

My config uses NAT extendable to translate the outside IP to port 80 on an
internal address. I want to allow the world to access that port EXCEPT for
IP z.z.z.z. Can someone recommend a good way?

TIA!



Clayton Dukes
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40200&t=40141
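
Added example, not part of the original thread or any poster's configuration: the three suggestions above (inbound ACL, Null0 route, "ip audit" with reset) written out as one IOS configuration sketch. All addresses, the interface name, the ACL number and the audit name are assumptions: 203.0.113.66 stands in for z.z.z.z, 192.0.2.10 for the outside web address, 10.1.1.10 for the inside server.

```cisco
! Constructed values (assumptions, not from the thread):
!   203.0.113.66 = the offending host (z.z.z.z in the question)
!   192.0.2.10   = outside (global) address of the web server
!   10.1.1.10    = inside (local) address of the web server
!   Serial0      = outside interface
!
! Static port translation of the kind described in the question
ip nat inside source static tcp 10.1.1.10 80 192.0.2.10 80 extendable
!
! Option 1: inbound ACL on the outside interface.
! On outside-to-inside traffic the inbound ACL is checked before NAT,
! so the destination to match is the public address, not 10.1.1.10.
! The explicit permit is required: an ACL ends with an implicit deny,
! and without it every other visitor would be blocked too.
access-list 101 deny   tcp host 203.0.113.66 host 192.0.2.10 eq www log
access-list 101 permit ip any any
!
interface Serial0
 ip nat outside
 ip access-group 101 in
!
! Option 2: host route to Null0.
! Only packets the router forwards TOWARD 203.0.113.66 are discarded.
! His requests still reach the server; the replies never leave, so
! this hides the server from him but does not relieve a flood.
ip route 203.0.113.66 255.255.255.255 Null0
!
! Option 3: IOS Firewall IDS with reset as an action.
! This acts on packets that match an attack signature, not on a
! source address, so it complements the ACL rather than replacing it.
ip audit name WEBAUDIT attack action alarm drop reset
!
interface Serial0
 ip audit WEBAUDIT in
!
! Checks after applying:
!   show access-lists 101         (match counters on the deny line)
!   show ip route 203.0.113.66    (should show the route via Null0)
```

Options 1 and 2 are alternatives for the same host; the ACL drops his traffic at the edge, while the Null0 route alone leaves the server still receiving it.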