[afnog] how to block spam activity on my router cisco 2600
Mikisa Richard
rmikisa at bushnet.net
Tue Oct 18 15:51:46 EAT 2005
Hi,
think that should be for paulademola at ciscomteck.zzn.com .
Richard
Sendoro Juma wrote:
>Dear Richard,
>
>kindly do the following
>
>on privillege mode
>
>RICHARD#conf t
>
>//on your interface to LAN
>
>int fa0/0 //assuming it is fast ethernet oo
>RICHARD (config-if)#ip route-cache flow
>
>
>give us the out put of the following command, but looking on your internal ip
>with many connection, then we shall know the port giving problem
>RICHARD# sh ip cache flow
>
>
>
>On Tuesday 18 October 2005 12:37, Mikisa Richard wrote:
>
>
>>Mark Tinka wrote
>>
>>
>>
>>>Is your upstream telling the truth from your perspective?
>>>How do they know spam is originating from your router's
>>>Ethernet interface? Are they familiar with your network
>>>topology and/or IP addressing scheme?
>>>
>>>If you have identified your router's Ethernet interface
>>>as sourcing the spam, could it be clients/servers are
>>>using the IP address on your router's Ethernet
>>>interface? NAT, perhaps? Your upstream must be able to
>>>identify a real IP address, and not relegate the source
>>>to your router.
>>>
>>>I'm curious to know why your upstream has identified your
>>>router as the source.
>>>
>>>Cheers,
>>>
>>>Mark.
>>>
>>>
>>I have received a couple of those warning myself, turns out they
>>actually do belong to some natted clients of mine who have been hit by
>>some massive mailers. Since most of us use NAT, all the upstream
>>provider can do is point the culprit to your block.I would do what the
>>others have said - point all SMTP traffic to one server, and perform
>>spam/Virus filtering on it.
>>
>>cheers
>>Richard
>>
>>
>>
>>_______________________________________________
>>afnog mailing list
>>
>>
>
>
>
More information about the afnog
mailing list