username password enable enable-password config terminal no ip access-list extended ipv4-inet-in ip access-list extended ipv4-inet-in remark -- Asia Pacific Network Information Center, Pty. Ltd -- abuse@apnic.net -- deny ip 124.0.209.0 0.0.0.255 any log remark -- various Online Services -- abuse@telefonica.de -- deny ip 217.184.51.0 0.0.0.255 any log remark -- Song Networks -- abuse@songnetworks.se -- deny ip 195.42.220.0 0.0.0.255 any log remark -- Open Computer Network -- -- deny ip 222.149.192.0 0.0.0.255 any log remark -- -- -- deny ip 69.212.92.0 0.0.0.255 any log remark -- Webhostplus Inc -- abuse@webhostplus.com -- deny ip 66.111.255.0 0.0.0.255 any log remark -- CHINANET -- abuse@ns.chinanet.cn.net -- deny ip 219.146.96.0 0.0.0.255 any log remark -- CHINANET -- abuse@ns.chinanet.cn.net -- deny ip 219.146.78.0 0.0.0.255 any log remark -- ECUANET - CORPORACION ECUATORIANA DE INFORMACION (NET-ECUANET) -- xbaquero@ecua.net.ec -- deny ip 157.100.79.0 0.0.0.255 any log remark -- KOREA TELECOM -- abuse@kornet.net -- deny ip 222.117.99.0 0.0.0.255 any log remark -- CHINANET Chongqing Province Network -- abuse@cta.cq.cn -- deny ip 61.128.161.0 0.0.0.255 any log remark -- Chinanet -- antispam@dcb.hz.zj.cn -- deny ip 61.130.254.0 0.0.0.255 any log remark -- FUJITSU LIMITED -- abuse@web.ad.jp -- deny ip 220.145.197.0 0.0.0.255 any log remark -- chinanet -- anti-spam@ns.chinanet.cn.net -- deny ip 220.163.11.0 0.0.0.255 any log remark -- CHINANET Hubei province network -- abuse_hb@public.wh.hb.cn -- deny ip 61.136.152.0 0.0.0.255 any log remark -- -- -- deny ip 193.220.134.0 0.0.0.255 any log remark -- CNCGROUP Jilin province network -- abuse@cnc-noc.net -- deny ip 218.25.253.0 0.0.0.255 any log remark -- Shenyang City Heping Borough -- abuse@online.ln.cn -- deny ip 202.97.181.0 0.0.0.255 any log remark -- CHINANET-SN -- anti-spam@ns.chinanet.cn.net -- deny ip 61.185.36.0 0.0.0.255 any log remark -- GabrielCommunications,Inc -- abuse@nuvox.net -- deny ip 66.49.10.0 0.0.0.255 any log remark -- Blocked CNCGROUP ------------------------------------ remark -- Zie ook: http://hvdkooij.xs4all.nl/hallofshame.en.cms deny ip 58.18.0.0 0.0.255.255 any log deny ip 60.0.0.0 0.7.255.255 any log deny ip 60.8.0.0 0.3.255.255 any log deny ip 61.138.0.0 0.0.63.255 any log deny ip 202.99.128.0 0.0.63.255 any log deny ip 218.27.0.0 0.0.255.255 any log deny ip 222.160.0.0 0.3.255.255 any log deny ip 221.5.128.0 0.0.127.255 any log deny ip 221.10.0.0 0.0.255.255 any log deny ip 221.196.0.0 0.1.255.255 any log deny ip 221.198.0.0 0.0.255.255 any log deny ip 221.200.0.0 0.3.255.255 any log deny ip 221.208.0.0 0.3.255.255 any log deny ip 221.212.0.0 0.0.255.255 any log remark -- usen (JP) 2006-01-17 -------------------------------- deny ip 58.80.0.0 0.1.255.255 any log remark -- Blocked AS8359 2005-10-03 --------------------------- remark -- Zie ook: http://hvdkooij.xs4all.nl/hallofshame.en.cms deny ip 213.147.32.0 0.0.31.255 any log remark -- ICMP for maintenance traffic only ------------------- permit icmp any any echo-reply permit icmp any any packet-too-big permit icmp any any time-exceeded permit icmp any any unreachable remark -- SMTP for email -------------------------------------- permit tcp any any eq smtp deny tcp any any eq 113 remark -- DNS ------------------------------------------------- permit udp any any eq domain permit tcp any any eq domain remark -- WEB SERVER ------------------------------------------ permit tcp any any eq www permit tcp any any eq 443 remark -- NTP only for selected servers ----------------------- permit udp host 193.67.79.202 any eq ntp permit udp host 194.109.20.18 any eq ntp permit udp host 194.109.22.18 any eq ntp permit udp any eq ntp any remark -- DROP and LOG everything else ------------------------ deny ip any any log remark -- DONE ------------------------------------------------ exit exit write memory exit