Sorry Luke, On the PIX anyway to block a /24 netblock (class C for some) it would be:
.....deny IP 192.168.10.0 255.255.255.0 to block a /16 it would be: .....deny IP 192.168.0.0 255.255.0.0 NOT 0.0.0.255 and 0.0.255.255 as you stated. This is a fundamental different between many routers and firewalls. And organizations are going to block what they want is most beneficial to that organization. We fortunately have the ability to block everyone, so we do...When we quit seeing abusive traffic on the wire things may change. If it's any consolation, we've only blocked SMTP traffic from Europe/Asia (so far anyway) with several exeptions.. cheers.. Marc >>> Luke Butcher <[EMAIL PROTECTED]> 01/10 1:18 AM >>> Maybe someone already replied, but surely it's: access-list reject_all deny ip 210.0.0.0 0.255.255.255 any etc. I prefer access-list blah deny ip 0.0.0.0 255.255.255.255 10.1.1.0 0.0.0.255 (webservers) applied to external router inbound. No complaints then about Nimda, slow server response, HTTP 500 Server errors. Just a few people claim they can't get to the website, but hey it works fine for me from inside. Must be a problem their end. Guaranteed to buy you a few days of freedom. Luke Butcher Em: [EMAIL PROTECTED] > -----Original Message----- > From: Network Operations [mailto:[EMAIL PROTECTED]] > Subject: Ahhh, the perks of managing government networks > > > If you get fed up with SPAM and script kiddies just: > > access-list reject_all deny ip 210.0.0.0 255.0.0.0 any > access-list reject_all deny ip 211.0.0.0 255.0.0.0 any > > hmm, who next, I think I remember some BO scans from poland > last week... > > access-list reject_all deny ip 195.0.0.0 255.0.0.0 any E-mail Disclaimer Nabarro Nathanson Principal office: Lacon House, Theobalds Road London WC1X 8RW Tel: +44 (0)20 7524 6000 Fax: +44(0)20 7524 6524 NOTICE This message contains confidential (and potentially legally privileged) information solely for its intended recipients and others may not distribute, copy or use it. If you have received this communication in error please tell us either by return e-mail or at the numbers above and delete it, and any copies of it. The contents of this e-mail are subject to the firms Terms of Business copies of which are available on our website. We have taken steps to ensure that this message (and any attachments or hyperlinks contained within it) are free from computer viruses and the like. However, in accordance with good computing practice the recipient is responsible for ensuring that it is actually virus free before opening it. Regulated by the Law Society. A list of partners is available at the address above or on our website, http://www.nabarro.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
