Of course, a far better way to go would be to NAT the DSL users on RFC 1918 addresses.
-----Original Message----- From: Juha Saarinen [mailto:juha(a)saarinen.org] Sent: Thursday, 20 September 2001 12:17 To: 'Matt Camp' Cc: 'Gordon Smith'; nznog(a)list.waikato.ac.nz Subject: RE: [jim(a)cyberjunkees.com: Re: FW: Worm probes]
:: Unfortuntly, (as far as i'm aware, and i've never really :: played with this :: stuff that much), its pretty much limited to port/address/protocol :: matching... so you're not really going to be able to block :: these worms.
I'd be happy with that -- I need to have the ADSL modem going to receive email, but http on port 80 isn't crucial. So, I'd be most pleased if I could just ask my ISP to filter traffic to TCP 80, e.g. through a Web page form. Then when the infections / attempts die down, I could just go to the same Web form and click to have the filtering taken off.
Of course, this could be done by email and a script that parses the message body for commands, but I think a Web page would be easier.
-- Juha
--------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog