RE: blocking packets from compromised server

From: James Matrisciano (jmatrisciano@kenttech.com)
Date: Wed May 25 2005 - 17:19:26 GMT-3

• Next message: Troy Levin: "Re: Help with Native Vlan"
• Previous message: Lupi, Guy: "RE: blocking packets from compromised server"
• Maybe in reply to: John Matus: "blocking packets from compromised server"
• Next in thread: John Matus: "RE: blocking packets from compromised server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Well, if it is an attack on the server with tcp open connections, use
the ip tcp intercept command on the interface. Beware of its cpu
intensity though.

jm

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
John Matus
Sent: Wednesday, May 25, 2005 4:07 PM
To: ccielab@groupstudy.com
Subject: blocking packets from compromised server

i know that you can block traffice from a compromised server w/
"swtichport
block unicast/multicast", but how would you stop a router from
intercepting
these if you did not use the above config? what kind of attack would
this
be called?

• Next message: Troy Levin: "Re: Help with Native Vlan"
• Previous message: Lupi, Guy: "RE: blocking packets from compromised server"
• Maybe in reply to: John Matus: "blocking packets from compromised server"
• Next in thread: John Matus: "RE: blocking packets from compromised server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:12:02 GMT-3