Mitigating Threats and Attacks with Access Lists

ACL Review
Standard access lists (standard ACLs) allow filtering based on source IP
address only. Extended access lists (extended ACLs) allow filtering based
on source or destination address and most other fields in the IP packet
header (Layer 4 protocol type, source/destination port number, IP options,
Differentiated Services Code Point [DSCP] values, fragmentation parameters,
and so on).
Access lists can be either numbered or named. Numbered standard ACLs
have numbers from 1 to 99 or 1300 to 1999. Numbered extended ACLs have
numbers from 100 to 199 or 2000 to 2699.
You can apply an access list either inbound or outbound on an interface.
An inbound ACL filters traffic as it enters the router through that interface;
an outbound ACL filters traffic as it leaves the router through that interface.
Access lists are used extensively in router security configurations for permitting
or denying access to services, mitigating address spoofing, mitigating
various attack types, and more.
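As an added example (not part of the original material), the following Python model shows how a router evaluates a numbered ACL as reviewed above: the number decides whether only the source address is inspected (standard) or destination, protocol and port as well (extended), entries are checked top down with the first match deciding, and an implicit deny ends every list. The ACL 101 entries, the 192.0.2.0/24 "own address block" and the web server at 192.0.2.10 are constructed sample data, not from the page.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional
ANY = ("0.0.0.0", "255.255.255.255")  # (address, wildcard) pair meaning "any"

def acl_kind(number: int) -> str:
    """Classify a numbered IP ACL by the ranges reviewed above."""
    if 1 <= number <= 99 or 1300 <= number <= 1999:
        return "standard"
    if 100 <= number <= 199 or 2000 <= number <= 2699:
        return "extended"
    raise ValueError(f"{number} is not a standard or extended IP ACL number")

def wildcard_match(addr: str, rule: tuple) -> bool:
    """Cisco wildcard mask: a 1 bit means 'don't care' (inverse of a netmask)."""
    base, wildcard = (int(ipaddress.IPv4Address(x)) for x in rule)
    return int(ipaddress.IPv4Address(addr)) & ~wildcard == base & ~wildcard

@dataclass
class Entry:
    action: str             # "permit" or "deny"
    src: tuple              # (address, wildcard)
    dst: tuple = ANY        # dst, proto and dport apply to extended ACLs only
    proto: str = "ip"       # "ip" matches any Layer 4 protocol
    dport: Optional[int] = None

def evaluate(number: int, entries: list, pkt: dict) -> tuple:
    """Top-down, first match wins; index None means the implicit deny fired."""
    kind = acl_kind(number)
    for i, e in enumerate(entries):
        if not wildcard_match(pkt["src"], e.src):
            continue
        if kind == "extended":  # standard ACLs look at the source address only
            if not wildcard_match(pkt["dst"], e.dst):
                continue
            if e.proto != "ip" and e.proto != pkt.get("proto"):
                continue
            if e.dport is not None and e.dport != pkt.get("dport"):
                continue
        return e.action, i
    return "deny", None

# Constructed inbound anti-spoofing ACL for an Internet-facing interface (192.0.2.0/24 = site's own block)
ANTI_SPOOF_101 = [
    Entry("deny", ("192.0.2.0", "0.0.0.255")),      # our own block arriving from outside
    Entry("deny", ("10.0.0.0", "0.255.255.255")),   # RFC 1918 private space
    Entry("deny", ("172.16.0.0", "0.15.255.255")),
    Entry("deny", ("192.168.0.0", "0.0.255.255")),
    Entry("permit", ANY, ("192.0.2.10", "0.0.0.0"), "tcp", 443),  # public web server
]
```

Applying ANTI_SPOOF_101 inbound on the outside interface drops packets that claim an internal or private source before they are routed, while anything not explicitly permitted falls through to the implicit deny.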