>
> Plus, who wouldn't give up the CLI for a candy-based
> interface that smiles at you?
>
> Pete.
you missed the :) there.
--bill
On Wed, 23 Jul 2003, Pete Kruckenberg wrote:
> Plus, who wouldn't give up the CLI for a candy-based
> interface that smiles at you?
Perhaps the guy sitting next to me who has had two separate devices in the
last couple of weeks that in order to be configured required Latest Java
and Internet Expl
On Wed, 23 Jul 2003, McBurnett, Jim wrote:
> >Quick solution to this bug, as well as any future bug(s) replace all
> >routers with PCs running Zebra.
>
> That is good until Zebra gets a bug and then someone will say
> go to XYZ...
Macintosh running Zebra. Macs are as powerful as
supercom
Another argument for OSPF authentication it seems. However we are
still out of luck in the STP announcements
unless you configure all the neat little *guard features (bpdu,root
etc) from Cisco et al.
On Wednesday, July 23, 2003, at 12:34 PM, [EMAIL PROTECTED] wrote:
Like I said, it's not
> Like I said, it's not going to be perfect, but it is better than blindly
> spewing out evil packets.
Between me and you, ospf packets or bad stp packets are a lot more dangerous
than the whack a cisco router. Just try it.
Alex
>Quick solution to this bug, as well as any future bug(s) replace all
>routers with PCs running Zebra.
That is good until Zebra gets a bug and then someone will say
go to XYZ...
Jim
>P.S. The only sure way of eradicating this Cisco bug from the Internet is
>to convert the Internet to IPv6. The bug doesn't affect Cisco's IPv6 code
>and older routers whose IOS cannot be upgraded also cannot do IPv6 so
>they cannot be used in an IPv6 Internet. Food for thought...
Quick solut
-- On Wednesday, July 23, 2003 10:13 +0100
-- [EMAIL PROTECTED] supposedly wrote:
P.S. The only sure way of eradicating this Cisco bug from the Internet is
to convert the Internet to IPv6. The bug doesn't affect Cisco's IPv6 code
and older routers whose IOS cannot be upgraded also cannot do IPv6 so
-- On Tuesday, July 22, 2003 16:55 -0500
-- "Austad, Jay" <[EMAIL PROTECTED]> supposedly wrote:
Like I said, it's not going to be perfect, but it is better than blindly
spewing out evil packets.
Let's all hope they keep to "blindly spewing out evil packets".
--
TTFN,
patrick
-- On Wednesday, July 23, 2003 01:59 -0400
-- Richard A Steenbergen <[EMAIL PROTECTED]> supposedly wrote:
On Tue, Jul 22, 2003 at 05:53:45PM -0400, [EMAIL PROTECTED] wrote:
On Tue, 22 Jul 2003 17:51:20 EDT, [EMAIL PROTECTED] said:
> I guess all folks with Ph.D. at Akamai really are paid for nothin
>> Just a handful of traceroutes would give it enough information to start
>> at a major backbone and work back towards itself.
>I guess all folks with Ph.D. at Akamai really are paid for nothing if a
>virus could calculate that with a few traceroutes.
Akamai is a business and has customers payi
On Tue, Jul 22, 2003 at 05:53:45PM -0400, [EMAIL PROTECTED] wrote:
> On Tue, 22 Jul 2003 17:51:20 EDT, [EMAIL PROTECTED] said:
>
> > I guess all folks with Ph.D. at Akamai really are paid for nothing if a
> > virus could calculate that with a few traceroutes.
>
> It's actually pretty easy if you
> How many thousands of "polls" do you think a looking glass can handle
> simultaneously? I am all for the doomsday scenarios, but let's
> make them a
> little bit less sci-fi, shall we? How about "it would create
> valid looking
> OSPF packets with garbage in them?" or "create valid looking
> S
On Tue, 22 Jul 2003 17:51:20 EDT, [EMAIL PROTECTED] said:
> I guess all folks with Ph.D. at Akamai really are paid for nothing if a
> virus could calculate that with a few traceroutes.
It's actually pretty easy if you get 20K distributed zombies doing the traceroutes
and then distributing the dat
On Tue, 22 Jul 2003 17:50:17 EDT, [EMAIL PROTECTED] said:
> How many thousands of "polls" do you think a looking glass can handle
> simultaneously? I am all for the doomsday scenarios, but let's make them a
> little bit less sci-fi, shall we? How about "it would create valid looking
> OSPF packets
> Just a handful of traceroutes would give it enough information to start
> at a major backbone and work back towards itself.
I guess all folks with Ph.D. at Akamai really are paid for nothing if a
virus could calculate that with a few traceroutes.
Alex
> > Pray tell, the virus will also get BGP feeds to determine
> > where the edges
> > are?
>
> It could poll different looking glasses...
And I could be the Pope...
How many thousands of "polls" do you think a looking glass can handle
simultaneously? I am all for the doomsday scenarios, but l
Tuesday, July 22, 2003 4:01 PM
> > To: Austad, Jay
> > Cc: [EMAIL PROTECTED]
> > Subject: RE: Cisco vulnerability and dangerous filtering techniques
> >
> >
> > > I was thinking about this the other day. The most
> > efficient way to make
>
It could poll different looking glasses...
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, July 22, 2003 4:01 PM
> To: Austad, Jay
> Cc: [EMAIL PROTECTED]
> Subject: RE: Cisco vulnerability and dangerous filtering techniqu
> I was thinking about this the other day. The most efficient way to make
> this work would be to spread using some vulnerability (like the Microsoft
> DCOM vulnerability released last week), and then at a predetermined time,
> start DoS'ing routers in the IP space of major providers, and then wo
In our case we use some older routers as management devices... Not
critical to the core unless there is some larger outage... Those
devices are old enough that they can't handle a newer rev of code...
ACL's are the only answer there..
Luckily they have very little traffic even under heavy use, s
On 22 Jul 2003, Jason Frisvold wrote:
>
> Not only the "clueless", but how about those of us who deploy older
> routers sometime in the future with legitimate uses? What happens when
> we "forget" that this bug exists? Now we have to go through the
On Tue, 2003-07-22 at 09:54, [EMAIL PROTECTED] wrote:
> I'm going to go out on a limb and say that at least 30% of Ciscos are installed
> in places that would, if hit with this, have NO CLUE why their router needs to be
> power cycled every 30 mins.
Not only the "clueless", but how about those
Austad, Jay wrote:
I was thinking about this the other day. The most efficient way to make
this work would be to spread using some vulnerability (like the Microsoft
DCOM vulnerability released last week), and then at a predetermined time,
start DoS'ing routers in the IP space of major providers, a
er worm.
Jay
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, July 22, 2003 9:58 AM
> To: Adam Maloney
> Cc: [EMAIL PROTECTED]
> Subject: Re: Cisco vulnerability and dangerous filtering techniques
>
>
>
> That is a bit p
On Tue, 22 Jul 2003 14:58:22 -, [EMAIL PROTECTED] said:
> That is a bit paranoid, but it could happen. I have not seen anybody do
> anything that intelligent in the past couple of years. Not to say that there
> aren't people out there that couldn't do that but I think many have thought of
> us
On Tue, 22 Jul 2003 10:08:42 EDT, you said:
> I see this as a make or break If someone does not upgrade,
> well think of this as a roller-coaster.
> Remember the sign? This ride is not advised for
> people with bad backs, pregnant ladies..
Someplace I have a sign:
"Your clue must be at
That is a bit paranoid, but it could happen. I have not seen anybody do
anything that intelligent in the past couple of years. Not to say that there
aren't people out there that couldn't do that but I think many have thought of
using one exploit to expose another, DDoS is the closest I have se
rning experiences...
J
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 22, 2003 9:55 AM
To: Niels Bakker
Cc: [EMAIL PROTECTED]
Subject: Re: Cisco vulnerability and dangerous filtering techniques
On Tue, 22 Jul 2003 15:40:02 +0200, Niels Bakker
&l
On Tue, 22 Jul 2003 15:40:02 +0200, Niels Bakker <[EMAIL PROTECTED]> said:
>
> * [EMAIL PROTECTED] (Adam Maloney) [Tue 22 Jul 2003, 15:33 CEST]:
> > The next worm taking advantage of the latest Windows' vulnerabilities
> > is more or less inevitable. Someone somewhere has to be writing it.
> > S
Hi Adam,
I thought the same, and the solution is to apply the filters to all interfaces
not just the borders.
One thing about the worm idea is that if it hits routers it should burn itself
out fairly quickly as it cuts off its own access.
Another thing is it is necessary to send out probes p
* [EMAIL PROTECTED] (Adam Maloney) [Tue 22 Jul 2003, 15:33 CEST]:
> The next worm taking advantage of the latest Windows' vulnerabilities
> is more or less inevitable. Someone somewhere has to be writing it.
> So why not include the cisco exploit in the worm payload?
Why would a worm disable a v