Gone paranoid
Juan Manuel Palacios
yellowdog-general@lists.terrasoftsolutions.com
Sat Jun 29 23:52:15 2002
Where could I find extensive and detailed information about this
type of protection technique? It really interests me and if I want to
set it up I want to make sure I am proficient with what I'm doing.
Thanks. I really look forward to hear from you again.
Sincerely,...
Juan.
On Saturday, June 29, 2002, at 02:52 PM, Eric Scher wrote:
> "...I was checking the IP the ISP provided Cisco router..."
>
>
> Assuming you have a Cisco router with a full Cisco IOS you can also
> write access control
> lists. You'll want to use an extended list which runs fro 100-199.
> They're written
> in the following form:
>
> access-list 1xx permit/deny protocol sourceIP sourceSM eq port#
>
> SM = Subnet Mask
> eq = equals
>
> example, for allowing a particular host access to an FTP server:
>
> access-list 100 permit TCP 131.1.1.5 0.0.0.255 1.1.1.0 0.0.0.255 eq 21
>
> You can get all sorts of details at Cisco's web site. No matter what
> you do with
> your NAT server you should always run an ACL on your router, especially
> the one at your
> border.
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general@lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general