Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Using NBAR to block Nimda

  • From: Randy Benn
  • Date: Wed Sep 19 22:28:45 2001 
The basics of using NBAR as an IDS can be found here:
http://iponeverything.net/CodeRed.html

The page above is specifically for Code Red, but the same technique can be
used for blocking many different exploits.  Just modify the class map as you
like to block Nimda or anything else.

Randy


----- Original Message -----
From: "Dan Hollis" <goemon@anime.net>
To: "Alex Yeung" <alyeung@cisco.com>
Cc: "Matthew E. Martini" <martini@invision.net>; <nanog@merit.edu>
Sent: Wednesday, September 19, 2001 7:16 PM
Subject: RE: Using NBAR to block Nimda


>
> On Wed, 19 Sep 2001, Alex Yeung wrote:
> > Look at the following two URLs and then combine the config:
> > http://www.cisco.com/warp/customer/63/nimda.shtml
> > http://www.cisco.com/warp/customer/63/nbar_acl_codered.shtml
>
> cco login required, thanks anyway
>
> --
> [-] Omae no subete no kichi wa ore no mono da. [-]
>
>


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.