So my friend got ditched by his girl of 3 years via text message, so now he’s on a mission to drive 1000 miles to get an answer.
I can’t really say I blame him for wanting a face to face answer.
Stay tuned for the adventure. SaveTerrick.com
“I’ve got more important things to do than show up for work”
A 6-year-old Park Slope girl is facing a $300 fine from the city for doing what city kids have been doing for decades: drawing a pretty picture with common sidewalk chalk.
Obviously not all of Natalie Shea’s 10th Street neighbors thought her blue chalk splotch was her best work — a neighbor called 311 to report the “graffiti,” and the Department of Sanitation quickly sent a standard letter to Natalie’s mom, Jen Pepperman.
Seriously? Chalk…wtf mate
Since my tech buddies and I usually run SSH on non-standard ports I decided to throw together a few lines in the router ACL to snag all the bots and wanna be’s tapping port 22 for an easy target.
Write a line that looks like this to grab any IP that sends a packet to 22 , and have it dynamically add that IP to an address list.
;Port 22 hack trap
chain=pass action=add-src-to-address-list in-interface=ether1 dst-port=22 protocol=tcp address-list=Hacked address-list-timeout=0s
Then just stick a line like his right above that rule, that matches packets with anything on that address list
;Drop port 22 hack attempts
chain=pass action=drop src-address-list=Hacked
This is also fun to do on port 8080 for the bots and such looking for open proxies, just snag the IP with the same rule above then send their crap to the bitbucket.
And that concludes this class of Creative ACLing 101
Why yes…yes I am bored at work today
Pouring one out for my Cisco homies
# Sino-Korean Cisco SMTP ACL
#http://www.okean.com/cisco/sinokoreaacl.txt
#last updated 2007.09.08 2233 PDT (UTC -7)
access-list yyy deny tcp 58.14.0.0 0.1.255.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.16.0.0 0.7.255.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.24.0.0 0.1.255.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.29.0.0 0.0.255.255 host zzz.zzz.zzz.zzz eq smtp !Korea
access-list yyy deny tcp 58.30.0.0 0.1.255.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.32.0.0 0.31.255.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.65.64.0 0.0.63.255 host zzz.zzz.zzz.zzz eq smtp !Korea
access-list yyy deny tcp 58.66.0.0 0.1.255.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.68.128.0 0.0.127.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.72.0.0 0.7.255.255 host zzz.zzz.zzz.zzz eq smtp !Korea
access-list yyy deny tcp 58.82.0.0 0.1.255.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.87.32.0 0.0.31.255 host zzz.zzz.zzz.zzz eq smtp !Korea
access-list yyy deny tcp 58.87.64.0 0.0.63.255 host zzz.zzz.zzz.zzz eq smtp !China
access-list yyy deny tcp 58.99.128.0 0.0.127.255 host zzz.zzz.zzz.zzz eq smtp !China
…
the rest of freakin China and Korea
digg News