Cisco ACL在VLAN或端口上阻止蠕虫端口
access-list 110 deny tcp any any rang 135 139 access-list 110 deny tcp any any eq 445 access-list 110 deny tcp any any eq 593 access-list 110 deny tcp any any eq 1029 access-list 110 deny tcp any any eq 4444 access-list 110 deny tcp any an
access-list 110 deny tcp any any rang 135 139
access-list 110 deny tcp any any eq 445
access-list 110 deny tcp any any eq 593
access-list 110 deny tcp any any eq 1029
access-list 110 deny tcp any any eq 4444
access-list 110 deny tcp any any eq 5000
access-list 110 deny tcp any any eq 5554
access-list 110 deny tcp any any eq 7955
access-list 110 deny udp any any rang 135 139
access-list 110 deny udp any any eq tftp
access-list 110 deny udp any any range 995 999
access-list 110 deny udp any any 1434
access-list 110 deny tcp any any gt 8090
access-list 110 deny udp any any eq 8090
access-list 110 permit ip any any
ip access-group 110 in
ip access-group 110 out