18 Jan
2011
18 Jan
'11
2:55 p.m.
Brian, Have you thought about what a bad guy might do if he knew that you had such a policy deployed? Is there a way that the bad guy might turn the policy against you? Ron
-----Original Message----- From: Brian R. Watters [mailto:brwatters@absfoc.com] Sent: Tuesday, January 18, 2011 2:12 PM To: nanog@nanog.org Subject: Auto ACL blocker
We are looking for the following solution.
Honey pot that collects attacks against SSH/FTP and so on
Said attacks are then sent to a master ACL on a edge Cisco router to block all traffic from these offenders ..
Of course we would require a master whitelist as well as to not be blocked from our own networks.
Any current solutions or ideas ??
--
BRW