Methods that you use to block DDoS by blocking selected ports aim at stopping TRIN00, Stacheldraht, Trinity v3, and SubSeven. ACL rules are generally applied to inbound and outbound traffic between the protected network and the Internet.
RFC 2827 recommends that ISPs police their customer traffic by dropping traffic that enters their networks from a source address that the customer network is not legitimately using. The filtering includes, but is not limited to, traffic whose source address is a "Martian
Edge(config)#access-list 109 deny udp any any range 33400 34400 log
    Denies all UDP packets with destination ports in the range of 33400-34400, and logs any instance in which this statement was used.
    NOTE: Make sure that the range of ports that you specify in this statement does not filter out any packets that you want to travel through the network.

Edge(config)#access-list 109 permit ip any 10.1.1.0 0.0.0.255 log
    Permits any IP packets from anywhere destined for 10.1.1.x, and logs any instance in which this statement was used.

Edge(config)#interface fastethernet 0/1
    Moves to interface configuration mode.

Edge(config-if)#ip access-group 109 in
    Takes all access list lines that are defined as being part of group 109 and applies them in an inbound manner.

Edge(config-if)#exit
    Returns to global configuration mode.

Edge(config)#
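The NOTE above asks you to confirm that the denied port range does not catch traffic you want. The following Python sketch is an added example, not part of the original text: it models the two access-list 109 statements with first-match evaluation and checks a list of wanted flows against them. The flow list, function names, and the "hypothetical UDP app" are assumptions constructed for illustration.

```python
import ipaddress

# access-list 109 as shown on the page: (action, protocol, destination network, dest port range).
# The source is "any" in both statements, so it is not modelled; 0.0.0.255 wildcard = /24.
ACL_109 = [
    ("deny", "udp", ipaddress.ip_network("0.0.0.0/0"), (33400, 34400)),
    ("permit", "ip", ipaddress.ip_network("10.1.1.0/24"), None),
]

def evaluate(acl, proto, dst, dport=None):
    """Return (action, line) for the first matching statement; line 0 is the implicit deny."""
    dst_ip = ipaddress.ip_address(dst)
    for line_no, (action, acl_proto, dst_net, ports) in enumerate(acl, start=1):
        if acl_proto != "ip" and acl_proto != proto:
            continue  # protocol keyword does not match this packet
        if dst_ip not in dst_net:
            continue  # destination outside the statement's network
        if ports is not None and (dport is None or not ports[0] <= dport <= ports[1]):
            continue  # destination port outside the statement's range
        return action, line_no
    return "deny", 0  # every IOS access list ends with an implicit "deny ip any any"

def blocked_wanted_flows(acl, wanted):
    """Names of flows that should pass but are denied: the check the NOTE calls for."""
    return [f["name"] for f in wanted
            if evaluate(acl, f["proto"], f["dst"], f.get("dport"))[0] == "deny"]

# Constructed sample flows that the operator wants to reach 10.1.1.x
WANTED = [
    {"name": "HTTPS to server", "proto": "tcp", "dst": "10.1.1.20", "dport": 443},
    {"name": "hypothetical UDP app", "proto": "udp", "dst": "10.1.1.30", "dport": 34000},
    {"name": "DNS reply", "proto": "udp", "dst": "10.1.1.40", "dport": 53},
]

if __name__ == "__main__":
    for flow in WANTED:
        print(flow["name"], evaluate(ACL_109, flow["proto"], flow["dst"], flow["dport"]))
    print("wanted but blocked:", blocked_wanted_flows(ACL_109, WANTED))
```

Because evaluation stops at the first match, the UDP flow on port 34000 is dropped by the first statement even though the second statement would have permitted its destination.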
114 Mitigating Dedicated DoS Attacks with ACLs
address", a reserved address that includes any address within 0.