This is a good question. There is not much information out there concerning the filter-ID attribute. I need to add this attribute to a specific user, allowing only port 80 to a specific IP address. Is that possible?
----- Original Message ----- From: "Dave Birkbeck" <[EMAIL PROTECTED]> To: "'Tony Bunce'" <[EMAIL PROTECTED]>; "'Sean Watkins (northrock)'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, August 25, 2003 7:27 PM Subject: RE: (RADIATOR) MAx TNT & MSBlast > All, > > In addition to having the ACL's that Cisco recommends. Has anyone come > up with a Radius ascend-data-filter that will slow down the spread of > these crazy viruses? Or better yet, a filter that will block ICMP. > > Again, I know this is probably not the list for this discussion, but > this topic is definitely for the greater good of the Internet. > > That being said does anyone know of a list that discusses various NAS > topics? > > Thanks, > > Dave > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Tony Bunce > Sent: Friday, August 22, 2003 10:38 AM > To: Sean Watkins (northrock); [EMAIL PROTECTED] > Subject: RE: (RADIATOR) MAx TNT & MSBlast > > This problem is actually caused by the "good" blaster worm nachi > > Nachi pings a host before it trys to spread so it doesn't waist its time > on non-existent hosts. The problem is that each one of those pings > generates an arp request and with such a high number of pings MAX TNT > boxes can't handle the high number of arp request and lock up or reboot > > The ping has a specific signature, 92byes all AA as the content, that > you can create a policy map for > > Cisco has an article on how to block Nachi ICMP traffic on your inbound > router interface > http://www.cisco.com/warp/public/707/cisco-sn-20030820-nachi.shtml > > Hope that helps > > Thanks, > Tony B, CCNA, Network+ > Systems Administration > GO Concepts, Inc. / www.go-concepts.com > Are you on the GO yet? > What about those you know, are they on the GO? > 513.934.2800 > 1.888.ON.GO.YET > > -----Original Message----- > From: Sean Watkins (northrock) [mailto:[EMAIL PROTECTED] > Sent: Friday, August 22, 2003 11:41 AM > To: [EMAIL PROTECTED] > Subject: (RADIATOR) MAx TNT & MSBlast > > Hi, > > I know this isn't the place, but any MAX TNT users out there seeing > weird card failures begining with the onslaught of MSBlast? I saw a > news.com article about it... however I can't find any more info. Anyone > know of any active ascend / lucent tnt mailing lists? > > Sean > > Article Text: > > In addition, network administrators reported on a newsgroup that > telecommunications equipment maker Lucent Technologies' TNT MAX network > gateway crashed due to some interaction with traffic created by the > MSBlast worms. A representative for the company confirmed that Lucent > was investigating the issue, but couldn't supply details. > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
