[unisog] Are cisco router VLAN ACL's stateful like a PIX?
jeff-kell at utc.edu
Wed Feb 2 01:39:09 GMT 2005
James Riden wrote:
> Michael Holstein <michael.holstein at csuohio.edu> writes:
>>>Blocking ICMP between VLANs has stopped RPC viruses, that's a pretty
>>>neat trick. You must have your voodoo filters turned up to 'more magic'.
>>Nope .. earlier versions of (was it Blaster or Nachi .. I forget?)
>>would ping-sweep a network so as not to "waste" tcp packets
> Nachi used fast ping sweeps; I think that Blaster only sent TCP SYNs.
UDP flooding is the worst nightmare (think SQL Slammer). Rate limiting
helps, and even throttles down UDP-based P2P variants as a side effect.