Common Access list for Small office Cisco Routers

Common Access list for Small office Cisco Routers

Below are the commonly used access list to prevent virus attack on your Cisco Router.I have used this access-list to prevent virus attacks on SOHO routers as small offices and homes which is not having Cisco Firewalls.

access-list 129 deny   udp any any eq 135
access-list 129 deny   tcp any any eq 135
access-list 129 deny   tcp any any eq 137
access-list 129 deny   tcp any any eq 138
access-list 129 deny   tcp any any eq 139
access-list 129 deny   udp any any eq 445
access-list 129 deny   tcp any any eq 445
access-list 129 deny   tcp any any eq 777
access-list 129 deny   tcp any any eq 778
access-list 129 deny   tcp any any eq 707
access-list 129 deny   udp any any eq 666
access-list 129 deny   tcp any any eq 1022
access-list 129 deny   tcp any any eq 1023
access-list 129 deny   udp any any eq 1434
access-list 129 deny   udp any any eq 2048
access-list 129 deny   tcp any any eq 2688
access-list 129 deny   udp any any eq 4000
access-list 129 deny   tcp any any eq 2556
access-list 129 deny   tcp any any eq 2745
access-list 129 deny   tcp any any eq 4444
access-list 129 deny   tcp any any eq 4751
access-list 129 deny   tcp any any eq 5554
access-list 129 deny   tcp any any eq 5557
access-list 129 deny   tcp any any eq 5556
access-list 129 deny   tcp any any eq 9996
access-list 129 deny   tcp any any eq 17771
access-list 129 deny   tcp any any eq 6789
access-list 129 deny   tcp any any eq 54112
access-list 129 deny   tcp any any eq login
access-list 129 deny   tcp any any eq finger
access-list 129 deny   udp any any eq netbios-ss
access-list 129 deny   udp any any eq netbios-ns
access-list 129 deny   udp any any eq netbios-dgm
access-list 129 deny   ip host 0.0.0.0 any
access-list 129 deny   ip 127.0.0.0 0.255.255.255 any
access-list 129 permit ip any any

Leave a reply

Your email address will not be published. Required fields are marked *