Or like this with ipchains, and block the packet monkey completely:
/sbin/ipchains -A input -s ip.of.id.iot -d 0/0 -j DENY
The deny rule will silently drop packets from the packet monkey :)
or, if you feel like irritating him/her, let them know you are
rejecting his traffic:
/sbin/ipchains -A input -s ip.of.id.iot -d 0/0 -j REJECT
Be careful tho. This generates return traffic from your machine to
the source address. But it always gives a satisfying feeling to fling
the packet dookey back at the packet monkey.
--Matt
On Wed, Apr 26, 2000 at 04:52:10PM +1000, Darryl Harvey wrote:
> Block it from your Cisco.
>
> Sample udp block command for cisco IOS;
>
> access-list 151 deny udp x.x.x.x 0.0.0.127 range netbios-ns netbios-ss any
> access-list 151 deny udp x.x.x.x 0.0.0.63 range netbios-ns netbios-ss any
> access-list 151 deny udp x.x.x.x 0.0.0.63 range netbios-ns netbios-ss any
>
> Rgds,
> Darryl
>
>
> At 04:14 PM 26/04/2000, you wrote:
> >Hello:
> >
> >Can someone point me towards some good documentation on portsentry.
> >
> >I have a attack reported by portsentry on my tcp port 79. I blocked this IP
> >address, (219.109.142.99) via my cisco router using the access-deny for tcp
> >but now the @#&tard is sending me udp packets every second to port 7,
> >(echo) with some kind of script that is now filling my /var/log/messages
> >very quickly with portsentry attack alerts. I assume he got pissed that I
> >blocked his tcp access via my router. I am not familiar enough with the IOS
> >software package that comes with the router to block udp packets from
> >him/her. If I can't stop him with Portsentry I guess I will have to read up
> >on the cisco software but I thought I could use Portsentry to put an end to
> >this in some way but really need to read on how to configure it properly.
> >Any help would be appreciated.
> >
> >Thanks in Advance,
> >
> >Eddie Strohmier
> >Bonwell Globalnet
> >www.bonwell.com
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
--
Matthew J. Galgoci <[EMAIL PROTECTED]>
Key fingerprint = 46C1 B1EB 0BE9 E398 7CC3 E788 007D 4FF9 18C2 42C0
"Take a shower. I can smell you across the vpn."
PGP signature
