[Dshield] Help with Cisco ACL's

Mathieu Patenaude mathieup at sevillepictures.com
Tue Mar 11 15:46:20 GMT 2003

what about the implicit deny all of the Cisco Pix... I mean that if you
didn't allow the port before, it won't get thru...unless you've put a
access-list allow any any somewhere! One of the reason why I would put an
explicit deny on a particular port like you did would be to see how many
times it got hit... but again, you can know that by using the syslog

good luck


-----Original Message-----
From: Graham K. Dodd [mailto:g.dodd at falk-ross.de]
Sent: Tuesday, March 11, 2003 9:09 AM
To: DShield
Subject: [Dshield] Help with Cisco ACL's

Hello all,
		please can somebody explain to a Cisco novice how to block
incoming port

I created an extended access list with a "deny tcp any any eq 445"

I applied this ACL to Serial 0 incoming which I thought would block any
incoming tcp going to my port 445 - what it does is stop outgoing traffic
(nslookup and port 80 that I know of)

thank you,


Graham K. Dodd
Director of Operation
Falk & Ross GmbH
Tel. +49(6301)717-0
Fax. +49(6301)717-270

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list