This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Denying specific nets and hosts

Good Morning,

Last night I was unfortunately witness to someone, mildly probing one of my systems. Of course they were probing the open, production ports so I couldn't just disable some NATs.

What I couldn't do or figure out, was, how do I block a specific network range or single host? I added drop Packet Filters for the IPs, but they weren't doing squat.

Could anyone point me in the right direction?

Thanks!
System: ASG220 - v 7.100

This thread was automatically locked due to age.

Parents

0 BarryG over 17 years ago

You need to put the drop rules above any related allow rules.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 17 years ago

You need to put the drop rules above any related allow rules.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 BrucekConvergent over 17 years ago in reply to BarryG

Yes, as Barry said put a drop rule at the very top of the packet filters list. I normally enable logging on this to create a record of their every attempt, if prosecution becomes necessary.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel