Since this technique requires a IPinIP or GRE tunnel, wouldn't blocking
these two protocols to/from the hosts be sufficient? Assuming of course
the customer's host isn't using that normally.
Chuck
Netco Government Services has recently acquired Multimax and is changing its name to Multimax Inc.
Visit http://www.multimax.com for more information.