On Wed, Aug 15, 2007 at 03:55:18PM +0000, wireless wrote:
> The services need to leave open are NTP, SSH, snmp, VoIP(sip) and
> h.264 (8000); deny all else.
>
> any words of advice, ACL snippets or complete acl, that are jffnms
> compatible, are of keen interest for me to look at.

SNMP can be locked down with an ACL, it should be!

    access-list 10 permit 1.2.3.4
    access-list 10 deny any log
    snmp-server community JFFNMSCOMM RW 10

SSH can be locked down with either a traffic ACL or one on the line vty.

    access-list 20 permit 1.2.3.4
    access-list 20 deny any log
    line vty 0 4
     access-class 20 in
     transport input ssh

NTP - remember if you sync off the device to add more lines!
Never tried it myself, you might need to change query-only to serve.

    access-list 30 permit 1.2.3.4
    access-list 30 deny any
    ntp access-group query-only 30

--
Craig Small      GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/      csmall at : enc.com.au
http://www.debian.org/      Debian GNU/Linux, software should be Free
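
An added example, not part of the original message: a Python check that audits a saved running-config for the three restrictions described in the reply above (an ACL on each SNMP community, an access-class plus SSH-only transport on every vty line, and an ntp access-group). The sample config, the function name audit and the finding texts are constructed for illustration; it assumes numbered ACLs and IOS-style one-space indentation of line sub-commands.

```python
import re

# Constructed running-config excerpt, not from a real device: partly locked down.
SAMPLE_CONFIG = """\
access-list 10 permit 1.2.3.4
access-list 10 deny any log
access-list 20 permit 1.2.3.4
access-list 20 deny any log
snmp-server community JFFNMSCOMM RW 10
snmp-server community public RO
line vty 0 4
 access-class 20 in
 transport input ssh
line vty 5 15
 transport input telnet ssh
ntp server 1.2.3.4
"""

def audit(config):
    """Return findings for SNMP, vty and NTP entries that lack an ACL restriction."""
    findings = []
    defined = set(re.findall(r"^access-list (\d+) ", config, re.M))
    blocks, current, ntp = {}, None, []   # vty header -> its sub-commands
    for num, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if not raw.startswith(" "):
            current = None                # a top-level command ends a line block
        if line.startswith("snmp-server community "):
            acl = line.split()[-1]        # numbered ACL, as in the reply
            # Report by line number so the community string is never echoed.
            if not acl.isdigit():
                findings.append(f"line {num}: SNMP community has no ACL")
            elif acl not in defined:
                findings.append(f"line {num}: SNMP ACL {acl} is not defined")
        elif line.startswith("line vty "):
            current = blocks.setdefault(line, [])
        elif current is not None and raw.startswith(" "):
            current.append(line)
        elif line.startswith("ntp "):
            ntp.append(line)
    for header, cmds in blocks.items():
        if not any(re.fullmatch(r"access-class \d+ in", c) for c in cmds):
            findings.append(f"{header}: no inbound access-class")
        if "transport input ssh" not in cmds:
            findings.append(f"{header}: transport input is not ssh-only")
    if ntp and not any(l.startswith("ntp access-group ") for l in ntp):
        findings.append("ntp: enabled without an ntp access-group")
    return findings
```

Calling audit(SAMPLE_CONFIG) reports the unrestricted second community, the open vty 5-15 block and the missing NTP access-group; a config containing only the three snippets from the reply returns an empty list.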