Block it from your Cisco.
Sample udp block command for cisco IOS;
access-list 151 deny udp x.x.x.x 0.0.0.127 range netbios-ns netbios-ss any
access-list 151 deny udp x.x.x.x 0.0.0.63 range netbios-ns netbios-ss any
access-list 151 deny udp x.x.x.x 0.0.0.63 range netbios-ns netbios-ss any
Rgds,
Darryl
At 04:14 PM 26/04/2000, you wrote:
>Hello:
>
>Can someone point me towards some good documentation on portsentry.
>
>I have a attack reported by portsentry on my tcp port 79. I blocked this IP
>address, (219.109.142.99) via my cisco router using the access-deny for tcp
>but now the @#&tard is sending me udp packets every second to port 7,
>(echo) with some kind of script that is now filling my /var/log/messages
>very quickly with portsentry attack alerts. I assume he got pissed that I
>blocked his tcp access via my router. I am not familiar enough with the IOS
>software package that comes with the router to block udp packets from
>him/her. If I can't stop him with Portsentry I guess I will have to read up
>on the cisco software but I thought I could use Portsentry to put an end to
>this in some way but really need to read on how to configure it properly.
>Any help would be appreciated.
>
>Thanks in Advance,
>
>Eddie Strohmier
>Bonwell Globalnet
>www.bonwell.com
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
