April 26th, 2002, 03:19 PM
Cisco access list to block dalnet's winsock probe...
I know for the most part how to set up basic and extended access lists...
My problem is that my NAT router (Cisco) runs telnetd and connecting to dalnet servers results in a kline for the port.
I could just block all access to the service accept a couple of subnets and be fine but I sometimes need to telnet to it from multiple subnets (usually on one domain) and adding them all creates a problem.
I could just block the subnets dalnet uses to the service if there were not so many and I believe I am restricted to IP 4 addresses only, preventing me from spending all of 5 seconds just adding *.dal.net:23 deny
Is there a way to temporarly dissable the service dirring the initial connection scan asside form just doing a deny all then a copy start run?
Anything I may be looking over or suggestions?