New Member

ACL question (2)

What do the following ACLs mean?

deny or permit deny ip host 127.0.0.1 any

deny or permit deny tcp any any eq 1025

deny or permit deny tcp any any eq 445

deny or permit deny udp any any eq 445

deny or permit tcp any any range 135 139

deny or permit udp any any range 135 netbios-ss

1 ACCEPTED SOLUTION
Purple

Re: ACL question (2)

Hi,

deny or permit deny ip host 127.0.0.1 any

- matches on packets sourced from the loopback address 127.0.0.1

deny or permit deny tcp any any eq 1025

- matches on packets destined to tcp port 1025, which is used by the Microsoft RPC service

deny or permit deny tcp any any eq 445

- matches on packets destined to tcp port 445, which is used by Windows for supporting Samba over TCP

deny or permit deny udp any any eq 445

- matches on packets destined to tcp port 445, which is used by Windows for supporting Samba over UDP

deny or permit tcp any any range 135 139

- matches on packets destined to tcp ports 135-139, which are used by the Microsoft RPC & NetBIOS services

deny or permit udp any any range 135 netbios-ss

- matches on packets destined to udp ports 135-139, which are used by the Microsoft RPC & NetBIOS services

These entries are typically used in ACLs for the provision of security by blocking access to common Microsoft services...

Pls remember to rate posts.

Paresh
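The six entries above, as an added illustration that is not from the thread or from Cisco: a small Python evaluator that parses just this subset of IOS extended-ACL syntax (permit/deny, ip/tcp/udp, "any" or "host A.B.C.D", "eq PORT" or "range LO HI" on the destination) and runs constructed packets through it, first match wins with an implicit deny at the end. The trailing "permit ip any any", the PORT_NAMES table and the sample packets are constructed for the example.

```python
"""Toy matcher for the Cisco IOS extended ACL entries discussed in the thread.

Added illustration, not code from the thread or from Cisco. It handles only
the syntax the thread uses; anything else raises ValueError.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed table of the named ports that appear in the thread.
PORT_NAMES = {"netbios-ns": 137, "netbios-dgm": 138, "netbios-ss": 139}

# The thread's entries, written as deny lines, followed by a constructed
# "permit ip any any" so that non-Microsoft traffic is visibly allowed.
ACL_TEXT = """\
deny ip host 127.0.0.1 any
deny tcp any any eq 1025
deny tcp any any eq 445
deny udp any any eq 445
deny tcp any any range 135 139
deny udp any any range 135 netbios-ss
permit ip any any
"""


@dataclass
class Packet:
    src: str
    dst: str
    proto: str                 # "tcp", "udp", "icmp", ...
    dport: Optional[int] = None  # None for protocols without ports


@dataclass
class Ace:
    action: str
    proto: str                     # "ip" matches every protocol
    src: Optional[str]             # None means "any"
    dst: Optional[str]             # None means "any"
    ports: Optional[Tuple[int, int]]  # (lo, hi) on destination port, None = any
    text: str

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "ip" and self.proto != pkt.proto:
            return False
        if self.src is not None and self.src != pkt.src:
            return False
        if self.dst is not None and self.dst != pkt.dst:
            return False
        if self.ports is not None:
            if pkt.dport is None:
                return False
            lo, hi = self.ports
            if not lo <= pkt.dport <= hi:
                return False
        return True


def _port(tok: str) -> int:
    """Resolve a numeric or named port (names from the constructed table)."""
    return PORT_NAMES[tok] if tok in PORT_NAMES else int(tok)


def _addr(toks, i):
    """Consume 'any' or 'host X' at toks[i]; return (addr_or_None, next_index)."""
    if toks[i] == "any":
        return None, i + 1
    if toks[i] == "host":
        return toks[i + 1], i + 2
    raise ValueError(f"unsupported address form: {toks[i]}")


def parse_ace(line: str) -> Ace:
    toks = line.split()
    action, proto = toks[0], toks[1]
    if action not in ("permit", "deny") or proto not in ("ip", "tcp", "udp"):
        raise ValueError(f"unsupported entry: {line}")
    src, i = _addr(toks, 2)
    dst, i = _addr(toks, i)
    ports = None
    if i < len(toks):
        if toks[i] == "eq":
            p = _port(toks[i + 1])
            ports = (p, p)
        elif toks[i] == "range":
            ports = (_port(toks[i + 1]), _port(toks[i + 2]))
        else:
            raise ValueError(f"unsupported port operator: {toks[i]}")
    return Ace(action, proto, src, dst, ports, line)


def parse_acl(text: str):
    return [parse_ace(l) for l in text.splitlines() if l.strip() and not l.startswith("!")]


def evaluate(acl, pkt: Packet):
    """IOS semantics: first matching entry wins, implicit deny if none match."""
    for ace in acl:
        if ace.matches(pkt):
            return ace.action, ace.text
    return "deny", "implicit deny"


if __name__ == "__main__":
    acl = parse_acl(ACL_TEXT)
    for p in (Packet("10.0.0.5", "10.0.0.9", "tcp", 445),
              Packet("127.0.0.1", "10.0.0.9", "udp", 53),
              Packet("10.0.0.5", "10.0.0.9", "udp", 139),
              Packet("10.0.0.5", "10.0.0.9", "tcp", 80)):
        print(p, "->", evaluate(acl, p))
```

The "ip" entry carries no port operator, so it matches the loopback-sourced packet whatever the transport; the udp range entry resolves "netbios-ss" to 139 before comparing, which is why a UDP packet to 139 is caught.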

3 REPLIES
New Member

Re: ACL question (2)

Thanks.

Where can I find a complete list of these options?

reza

Purple

Re: ACL question (2)

You can't... you just have to find out the applications you want to block and craft access-lists accordingly.

However, the following site maintains a secure IOS template that you can use as a starting point:

http://www.cymru.com/Documents/secure-ios-template.html

Pls rate the post if it helps.

Paresh
