Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

BLOCK SMTP NOW!

Status
Not open for further replies.

ndinc

ISP
Jun 29, 2005
111
US
Hello all,

Why is it that I cannot seem to block all traffic from the internal ip of 10.2.2.167 external 207.x.x.61.

netstat on the XP station shows massive port 25 access as we as ASDM logs. I cant seem to get it to stop.

Its got a Trojan know any good scna removals?

Tried, Avira, Hijack this, Malwarebytes, house call,combofix, nothing I am out of ideas.

HELP!

access-list outside_access_in extended deny tcp any host 10.2.2.167 eq smtp
access-list outside_access_in extended deny tcp any host 10.2.2.167 eq www
access-list outside_access_in extended deny tcp any host 207.X.X.61 eq smtp log
access-list outside_access_in extended deny tcp any any eq smtp
access-list outside_access_in extended deny tcp host 10.2.2.167 any log
access-list outside_access_in extended deny tcp any host 207.X.X.61 eq access-list outside_access_in extended deny ip host 207.X.X.61 any log
access-list outside_access_in extended deny ip host 10.2.2.167 any log

Thanks for your help
 
Read your access list. You matching on incoming on the outside interface (assuming default asa setup). Its backwards.

CCNP
 
Im stupid, created another ACL with inside references to that interface.


Thanks for your help
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top