Hello
I started to receive attacks on a web server that look like this
Can I write an access-list that looks something like this
access-list outside deny
Thanks in advance
In article , Lalo wrote:
:I started to receive attacks on a web server
:that look like this
:
Possibly the admins of instituto.com.br have changed the IP address to deflect further DoS attacks?
:I have a Pix version 6.3(1) in front of this web servers.
You should upgrade to 6.3(4) as 6.3(1) and 6.3(3) have known security problems and 6.3(2) was withdrawn. The upgrade to 6.3(4) is free if you have 6.3(x).
:Can I write an access-list that looks something like this
:access-list outside deny
Not really. The PIX will not resolve IP addresses. If
name 200.245.83.2
access-list outside deny ip host
But be careful that you don't confuse yourself: in that context,
no name 200.245.83.2
then the ACL entry will continue to use the old IP address: the label is for human convenience, not what is used internally.
If there are multiple IPs, or if you anticipate that the IP might change, then it is better (PIX 6.2 onward) to use an object-group:
object-group network instituto_hosts description
access-list outside deny ip object-group instituto_hosts any
You can add or remove things from object groups and the change will be immediately reflected in all ACL entries that reference the object group (though it might take a moment to recompile the entries if you are using compiled acls.) And an object-group can reference several items at once, whereas a 'name' can only reference a single thing.
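The object-group approach from the reply above, written out as a complete PIX 6.3 fragment (an added example, not part of the original thread). The web server address 203.0.113.10, the second group member 198.51.100.7 and the description text are constructed placeholders, and the ACL named outside is assumed to be the one bound to the outside interface.

```cisco
: Added example. 203.0.113.10 (web server) and 198.51.100.7 are constructed
: placeholder addresses; 200.245.83.2 is the address quoted in the thread.
object-group network instituto_hosts
  description Sources blocked from reaching the web server
  network-object host 200.245.83.2
: "line 1" (PIX 6.3) places the deny ahead of any existing permit entries,
: because the first matching entry wins.
access-list outside line 1 deny ip object-group instituto_hosts any
access-list outside permit tcp any host 203.0.113.10 eq www
: Assumed to be in place already; shown for completeness.
access-group outside in interface outside
: Later, block one more source without editing the ACL itself:
object-group network instituto_hosts
  network-object host 198.51.100.7
: Check the group members, then the expanded ACL entries and hit counts:
show object-group
show access-list outside
```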