Zsombor Papp wrote: > > At 09:54 PM 7/17/2003 +0000, Priscilla Oppenheimer wrote: > >It sounds like this is a hypothetical packet and situation > that Cisco > >quality assurance discovered. I thought it was something > already being > >exploited, but it doesn't sound like it. In that case, I guess > I support > >Cisco not telling us more about it. > > And in which case wouldn't you? If you are running any of the > affected > versions, then upgrade the routers or apply the workaround (and > if you > can't do any of these, then you should be right away grateful > for Cisco not > being very specific...).
As I explained, I don't use Cisco routers in a production network. But that doesn't stop hackers from attacking us with attacks that work only on Cisco routers. Some attackers are too lazy to try to figure out that we don't have Cisco routers. (It wouldn't be that hard to figure out). We have had crashes on our systems from attackers who thought they were going to do something else because they assumed a certain OS. They didn't succeed in what they were trying to do, but they did wreak havoc. > > If you are not using any of the affected versions (if I > understood > correctly, you are not even using IOS to start with), then why > do you worry > about this? I tried to explain it. Sorry you don't get it. Oh, well. > > I can understand that people's curiosity is always aroused by > mysterious > things that can kill a router, but keeping other people's > production > network operational is slightly more important than providing > entertainment > to the public. :) > It's not entertainment. Duh. By the way, you work at Cisco, right? Are you a good representation of the current employees? I used to work there. A lot of the employees were like you back then too. Priscilla > Thanks, > > Zsombor > > > >It's sort of an age-old security question of how much info to > publish. The > >info would help the white hats, but also the black hats. > > > >Unfortunately, I can't look at bug reports (even with my guest > access!?) > >Maybe there's more in the bug reports. I still want to know > more about these > >packets. :-) But I guess I'll have to do more research.... > > > >Priscilla > > > >M.C. van den Bovenkamp wrote: > > > > > > Duncan Maccubbin wrote: > > > > > > > I was on a conference call with Cisco and the Cisco rep > felt > > > we were > > > > overreacting by rushing to change our code right away, He > > > said that the > > > > packet was extremely difficult to create and the person > would > > > have to be a > > > > "genius" to make it. > > > > > > As we don't know exactly *what* you need to do, it's > difficult > > > to say > > > whether he's right or not. But my gut says he's wrong; as > soon > > > as you > > > *do* know, there are 'packetfactory'-tools enough about... > > > > > > Regards, > > > > > > Marco. > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72539&t=72463 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
