Can someone explain this ACL?
Once you think you know ACLs inside and out, and that they are so basic, you get something like this thrown at ya. lol
ip access-list extended Virus_LAN
 deny 53 any any
 deny 55 any any
 deny 77 any any
 deny pim any any
 deny tcp any any eq 4444
 deny tcp any any eq 5554
If I remember correctly, this was a recommended step for a vulnerability a few years ago. This ACL is denying protocol types.
Cisco IOS is vulnerable to a flaw that can allow a remote attacker to cause a denial of service condition. The vulnerability is due to how malformed IPv4 packets are processed. Packets with a protocol type of 53 (SWIPE), 55 (IP Mobility), 77 (Sun ND), or 103 (Protocol Independent Multicast - PIM) can incorrectly cause the interface input queue to be flagged as full. An attacker can send a series of packets that will cause the interface to stop processing further network traffic.
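To make the "protocol types, not ports" point concrete, here is a small evaluator for the ACL quoted above. It is an added example, not code from the thread or from Cisco; it assumes IOS first-match semantics with an implicit deny at the end, and, since the quoted excerpt shows no permit line, it appends a `permit ip any any` so that ordinary traffic can be seen to pass.

```python
# Added example (not from the thread): evaluate an IOS-style extended ACL
# against sample packets to show that 'deny 53 any any' matches IP protocol
# number 53 (SWIPE), not UDP/TCP port 53, and that 'pim' is IP protocol 103.
# Assumptions: first match wins, implicit 'deny' at the end (as IOS applies),
# and a trailing 'permit ip any any' added here because the excerpt has none.

# IOS protocol keywords used here, mapped to IANA protocol numbers.
# 'ip' matches any IP protocol, so it is represented as None.
PROTO_KEYWORDS = {"ip": None, "tcp": 6, "udp": 17, "pim": 103}

VIRUS_LAN_ACL = """
deny 53 any any
deny 55 any any
deny 77 any any
deny pim any any
deny tcp any any eq 4444
deny tcp any any eq 5554
permit ip any any
""".strip().splitlines()


def parse_entry(line):
    """Turn 'deny tcp any any eq 4444' into (action, proto_number, dst_port)."""
    tokens = line.split()
    action, proto = tokens[0], tokens[1]
    proto_num = int(proto) if proto.isdigit() else PROTO_KEYWORDS[proto]
    dst_port = None
    if "eq" in tokens:  # 'eq' after the destination 'any' qualifies the dst port
        dst_port = int(tokens[tokens.index("eq") + 1])
    return action, proto_num, dst_port


def evaluate(acl_lines, ip_proto, dst_port=None):
    """Return 'permit' or 'deny' for a packet with the given IP protocol number
    and (for TCP/UDP) destination port. First matching entry decides."""
    for line in acl_lines:
        action, proto_num, port = parse_entry(line)
        if proto_num is not None and proto_num != ip_proto:
            continue
        if port is not None and port != dst_port:
            continue
        return action
    return "deny"  # implicit deny at the end of every IOS ACL


if __name__ == "__main__":
    # Constructed sample packets: (description, IP protocol number, dst port)
    samples = [("SWIPE", 53, None), ("IP Mobility", 55, None), ("Sun ND", 77, None),
               ("PIM", 103, None), ("tcp/4444", 6, 4444), ("tcp/80", 6, 80),
               ("udp/53 DNS", 17, 53)]
    for name, proto, port in samples:
        print(f"{name:12} -> {evaluate(VIRUS_LAN_ACL, proto, port)}")
```

Note that UDP port 53 (DNS) is permitted while IP protocol 53 is denied, and that dropping the trailing permit line leaves every packet hitting the implicit deny.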