25 Jan
2003
25 Jan
'03
6:48 a.m.
On Sat, 25 Jan 2003, Doug Barton wrote:
Anyone want to get involved in some sort of real time chat (like IRC) to disuss strategies? We're seeing some pretty big traffic, and related problems in multiple colo's world wide.
What's to discuss? If you put something like access-list 150 deny udp any any eq 1434 log-input access-list 150 permit ip any any on all your customer-facing ports you get to 1. filter out the disruptive traffic 2. see which customer systems are infected This works well even on relatively underpowered Cisco 7200 boxes.