Tuesday, September 04, 2007

Spamhaus DROP (Don't Route Or Peer)

I came across this interesting Spamhaus DROP (Don't Route Or Peer) list.

Quote:
When implemented at a network or ISP's 'core routers', DROP will protect all the network's users from spamming, scanning, harvesting and dDoS attacks originating on rogue netblocks.

I added this to my 'Blocked Sites...'. You can do this to:

1. Download the list.
2. Remove everything except the netblocks and save the file as a text file.
3. Go to 'Intrusion prevention' --> 'Blocked Sites...' and click on 'Import...'
4. Select your saved file and save the new configuration to your firebox.

You can do this every month because:

Quote:
The DROP list changes quite slowly.

3 Comments:

Blogger hongleong said...

Is there a way to automate the import so that, once the setup is done, we don't have to incur extra time to manage it? Thanks. :)

8:22 AM  
Blogger David said...

Hi, this is not valid anymore on 11.7.xx Firmware. Do you know a way to import the DROP list nowadays.

11:02 PM  
Blogger David said...

Found it.
Setup -> Default Thread Protection -> Blocked Sites.
Import folowwing the instructions.
http://www.watchguard.com/help/docs/wsm/11/en-us/content/en-us/intrusionprevention/blocked%20_sites_external_list_c.html

11:20 PM  

Post a Comment

<< Home