Yes, that's exactly what you should do. Don't forget any of the loopback addresses as well. The question is what code trains are vulnerable, and what will folks with older hardware be able to do about it if Cisco says "no fix".
Len

On Wed, Jul 16, 2003 at 02:45:45PM -0700, Blue Boar wrote:

[snippage]

> That generally means packets with a destination address of one of the
> router's own interfaces. If there's some mystery exploit out there, one
> workaround would be to firewall the router's own IP address(es). This
> would still allow the router to perform its routing function for other IPs.
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
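An added example, not part of the original thread: a small audit of the workaround discussed above, which lists every address configured on the router (loopbacks and secondaries included) and reports those that the filtering ACL does not deny as a destination. The sample configuration, its addresses, the ACL number 101 and the function names are constructed for illustration, and the check assumes host-form `deny ip any host` entries only; it does not verify entry order or that the ACL is applied on every interface.

```python
import re

# Constructed sample IOS configuration (documentation/private address ranges).
SAMPLE_CONFIG = """\
interface Loopback0
 ip address 10.255.0.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ip address 198.51.100.1 255.255.255.0 secondary
 ip access-group 101 in
!
interface Serial0/0
 ip address 203.0.113.5 255.255.255.252
 ip access-group 101 in
!
interface FastEthernet0/1
 no ip address
 shutdown
!
access-list 101 deny ip any host 192.0.2.1
access-list 101 deny ip any host 203.0.113.5
access-list 101 permit ip any any
"""

IFACE_RE = re.compile(r"^interface (\S+)")
ADDR_RE = re.compile(r"^\s+ip address (\d+\.\d+\.\d+\.\d+) \d+\.\d+\.\d+\.\d+")
DENY_RE = re.compile(r"^access-list (\d+) deny\s+ip any host (\d+\.\d+\.\d+\.\d+)")

def own_addresses(config):
    """Map every address configured on the router to its interface."""
    owned, iface = {}, None
    for line in config.splitlines():
        m = IFACE_RE.match(line)
        if m:
            iface = m.group(1)
            continue
        m = ADDR_RE.match(line)  # also matches 'secondary' address lines
        if m and iface:
            owned[m.group(1)] = iface
    return owned

def unprotected(config, acl="101"):
    """Return own addresses that the given ACL does not deny as a destination."""
    denied = {m.group(2) for m in map(DENY_RE.match, config.splitlines())
              if m and m.group(1) == acl}
    return {a: i for a, i in own_addresses(config).items() if a not in denied}

if __name__ == "__main__":
    for addr, iface in sorted(unprotected(SAMPLE_CONFIG).items()):
        print(f"not filtered: {addr} ({iface})")
```

On the constructed sample it flags the loopback and the secondary address, the two kinds of entry most easily missed when the ACL is written from the primary interface addresses alone.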