Devdas Bhagat [31/12/06 21:25 +0530]:
>I just had a conversation about certain system in .ru hosting spamming
>software which is downloaded via trojans and then used to send spam.
>
>How complex would it be to setup router ACLs to block such hosts by
>automatically updating router configurations (script this)? What kind of
>performance impact can we expect?
Depends - how many IPs? There's enough cisco config management software
like CCR [the one Alexi Roudnev maintains] and others to pull the stuff out
of band on a separate host and update nullroutes as required .. but now
many IPs would need nullrouting.
--
This is the SANOG (http://www.sanog.org/) mailing list.
| 