Common Access list for Small office Cisco Routers

Below are the commonly used access list to prevent virus attack on your Cisco Router.I have used this access-list to prevent virus attacks on SOHO routers as small offices and homes which is not having Cisco Firewalls.

access-list 129 deny   udp any any eq 135
access-list 129 deny   tcp any any eq 135
access-list 129 deny   tcp any any eq 137
access-list 129 deny   tcp any any eq 138
access-list 129 deny   tcp any any eq 139
access-list 129 deny   udp any any eq 445
access-list 129 deny   tcp any any eq 445
access-list 129 deny   tcp any any eq 777
access-list 129 deny   tcp any any eq 778
access-list 129 deny   tcp any any eq 707
access-list 129 deny   udp any any eq 666
access-list 129 deny   tcp any any eq 1022
access-list 129 deny   tcp any any eq 1023
access-list 129 deny   udp any any eq 1434
access-list 129 deny   udp any any eq 2048
access-list 129 deny   tcp any any eq 2688
access-list 129 deny   udp any any eq 4000
access-list 129 deny   tcp any any eq 2556
access-list 129 deny   tcp any any eq 2745
access-list 129 deny   tcp any any eq 4444
access-list 129 deny   tcp any any eq 4751
access-list 129 deny   tcp any any eq 5554
access-list 129 deny   tcp any any eq 5557
access-list 129 deny   tcp any any eq 5556
access-list 129 deny   tcp any any eq 9996
access-list 129 deny   tcp any any eq 17771
access-list 129 deny   tcp any any eq 6789
access-list 129 deny   tcp any any eq 54112
access-list 129 deny   tcp any any eq login
access-list 129 deny   tcp any any eq finger
access-list 129 deny   udp any any eq netbios-ss
access-list 129 deny   udp any any eq netbios-ns
access-list 129 deny   udp any any eq netbios-dgm
access-list 129 deny   ip host 0.0.0.0 any
access-list 129 deny   ip 127.0.0.0 0.255.255.255 any
access-list 129 permit ip any any

 

Leave a Reply

Your email address will not be published. Required fields are marked *