On Tue, 27 Nov 2001, John McBrayne wrote: jm> jm> Is anyone aware of any current "best practices" related to the jm> recommended set of filtering rules (Cisco ACL lists or Juniper filter jm> sets) for reasons of Security, statistics collection, DoS attack jm> analysis/prevention, etc.? I'm curious to see if there are any such John, the three areas you mention above really should be treated differently, is there something you are particularly interested in among these? On a 'generic' note there is are some recommendations offered by Cisco at thier website, I can't (of course) endorse them over anyone else, Barry Greene (who posts at times here and should respond to this note with the proper links from Cisco) is one of the better voices at Cisco for the Security (atleast) topic. Additionally, there were some 'recommended' or 'best practices' covered at the last NANOG: http://www.nanog.org/mtg-0110/greene.html That should atleast get you started on 'Security' and 'DoS' stuff... as to statistics could you clarify this some? jm> recommendations for Tier 1/Tier 2 backbone routers, peering points, jm> etc., as opposed to CPE terminations or Enterprise/LAN equipment jm> recommendations. jm> Hmm, I'm not going to recommend anything, since your network is likely MUCH different from any one I'm working on... BUT perhaps wecan discuss some likely scenarios?? (perhaps the other list members might have some statistics gathering ideas/examples??) jm> Actual config file examples would be great, if they exist.