[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sidewinder
Subject:    Re: [Sidewinder] Code Red defense
From:       Akihiro Shirahashi <sirahasi () netone ! co ! jp>
Date:       2001-08-26 4:24:00
[Download RAW message or body]

Jeffery.Gieser wrote:

>     I filter out the stuff that is definitely not going to be allowed in
>at the router.  For example, if I have the 208.10.10/24 class C address
>space and the only IP addresses that should ever get any traffic from the
>Internet are 208.10.10.1 and 208.10.10.2, I would drop all traffic to the
>rest of the network at the router in front of the Sidewinder and then have
>the Sidewinder check the traffic to those two specific IP addresses. 

We add some IP Filter rules on the Sidewinder to dicard the packets for the
same purpose. If the router is not under your control, this alternative way
may be useful.

Akihiro Shirahashi, Net One Systems Co.Ltd, Tokyo, Japan


[prev in list] [next in list] [prev in thread] [next in thread]