18 Jan
2011
18 Jan
'11
2:31 p.m.
On Tue January 18 2011 13:12, Brian R. Watters wrote:
We are looking for the following solution.
Honey pot that collects attacks against SSH/FTP and so on
Said attacks are then sent to a master ACL on a edge Cisco router to block all traffic from these offenders ..
Of course we would require a master whitelist as well as to not be blocked from our own networks.
Any current solutions or ideas ??
Private BGP session with Zebra or Quagga on a linux box adding the selected IP to a null route. -- Larry Smith lesmith@ecsis.net