Re: Block traffic not originating from ISP autonomous system

From: Bernard Steven <buny.steven_at_gmail.com>
Date: Wed, 2 Jun 2010 23:50:56 +0530

Stateful filtering.
For an ISP, impractical.

Try escalating to upstream provider for uRPF the source

On Wed, Jun 2, 2010 at 10:21 PM, jack daniels <jckdaniels12_at_gmail.com> wrote:

> Traffic is coming back from ISP-A, but originating from another ISP......
> Traffic needs to be filtered on ISP-A, if not originating in ISP-A....
>
> How can URPF help in this case?
>
> On Wed, Jun 2, 2010 at 7:25 PM, Tyson Scott <tscott_at_ipexpert.com> wrote:
>
> > Put unicast reverse path filtering on your inside interfaces to stop user A
> > from originating traffic internally from an external address.
> >
> > Regards,
> >
> > Tyson Scott - CCIE #13513 R&S, Security, and SP
> > Managing Partner / Sr. Instructor - IPexpert, Inc.
> > Mailto: tscott_at_ipexpert.com
> > Telephone: +1.810.326.1444, ext. 208
> > Live Assistance, Please visit: www.ipexpert.com/chat
> > eFax: +1.810.454.0130
> >
> > -----Original Message-----
> > From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of jack daniels
> > Sent: Wednesday, June 02, 2010 7:18 AM
> > To: Cisco certification
> > Subject: Block traffic not originating from ISP autonomous system
> >
> > Hi Guys,
> >
> > I'm facing an issue and stuck on a thought process, would appreciate if some
> > way you guys can show with your experience in industry -
> >
> >
> >
> > ISSUE ----
> >
> >
> > user X spoofs IP ADDRESS OF ISP-A and sends traffic out to internet...
> > now when traffic is coming back via ISP-A... I want to block such traffic
> > which is not originating from my ISP...
> > but catch here is ---- filtering is to be done in ISP ...so putting acl for
> > each users and ports is not scalable.....
> > Please help with any way out ...
> >
> > Thanks and Regards
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >

Received on Wed Jun 02 2010 - 23:50:56 ART
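
Added example, not part of any message in this thread: a simplified Python model of the unicast reverse path check suggested above, showing why it is applied on inside (customer-facing) interfaces. The FIB, interface names, packets and the `allow_default` switch are constructed assumptions; the model ignores ECMP and asymmetric routing.

```python
import ipaddress

# Constructed FIB of one ISP edge router (RFC 5737 documentation prefixes).
FIB = [
    ("198.51.100.0/24", "cust-X"),   # user X's assigned block, inside interface
    ("203.0.113.0/24", "cust-Y"),    # another customer of the same ISP
    ("0.0.0.0/0", "upstream"),       # default route toward the Internet
]

def best_route(src, allow_default):
    """Longest-prefix match on the SOURCE address; returns an interface or None."""
    addr = ipaddress.ip_address(src)
    matches = []
    for prefix, iface in FIB:
        net = ipaddress.ip_network(prefix)
        if net.prefixlen == 0 and not allow_default:
            continue                  # default route may not satisfy the check
        if addr in net:
            matches.append((net.prefixlen, iface))
    return max(matches)[1] if matches else None

def urpf_permit(src, in_iface, mode="strict", allow_default=False):
    """strict: route back to src must point out in_iface; loose: any route."""
    iface = best_route(src, allow_default)
    if iface is None:
        return False
    return True if mode == "loose" else iface == in_iface

# Constructed packets: (source address, interface the packet arrived on).
PACKETS = [
    ("198.51.100.10", "cust-X"),     # user X using its own address
    ("203.0.113.7", "cust-X"),       # user X spoofing another customer's address
    ("192.0.2.55", "cust-X"),        # user X spoofing an external address
    ("192.0.2.55", "upstream"),      # legitimate packet arriving from the Internet
]

def run(mode, allow_default=False):
    """Permit/drop decision for each constructed packet, in order."""
    return [urpf_permit(s, i, mode, allow_default) for s, i in PACKETS]

if __name__ == "__main__":
    for mode in ("strict", "loose"):
        for allow_default in (False, True):
            print(mode, allow_default, run(mode, allow_default))
```

In this model only the strict check on the inside interface drops both spoofed packets; the loose check lets the spoof of another customer's address through, and with the default route allowed it passes everything.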

This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 09:11:36 ART