TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-09 Thread Sean Donelan
On Mon, 7 Jun 2004, McBurnett, Jim wrote:
> Aside from that, Use ACL's out the wazoo on the VTY lines and limit access to
> that to say 1 SSH enabled router or 1 IPSEC enabled router...

It doesn't really matter if you use SSH, Telnet or HTTP; if you can send evil packets to the router/switch and

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-09 Thread Stephen J. Wilcox
On Wed, 9 Jun 2004, Sean Donelan wrote:
> On Mon, 7 Jun 2004, McBurnett, Jim wrote:
> > Aside from that, Use ACL's out the wazoo on the VTY lines and limit access to
> > that to say 1 SSH enabled router or 1 IPSEC enabled router...
>
> It doesn't really matter if you use SSH, Telnet or HTTP; if

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-09 Thread Christopher L. Morrow
On Wed, 9 Jun 2004, Sean Donelan wrote: > > http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml > > IP Permit Lists will not provide any mitigation against this vulnerability. > > The race is on, who will find your switches first? > makes one wonder about all that virus-foo runni

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-09 Thread Alexei Roudnev
This is minor exploit - usually you set up VLAN1 interface with IP address, which is filtered out from outside. Moreover, there is not any good way to find switch IP - it is transparent for user's devices. > > On Mon, 7 Jun 2004, McBurnett, Jim wrote: > > Aside from that, Use ACL's out the wazoo o

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-10 Thread Sean Donelan
On Wed, 9 Jun 2004, Alexei Roudnev wrote:
> This is minor exploit - usually you set up VLAN1 interface with IP address,
> which is filtered out from outside. Moreover, there is not any good way to
> find switch IP - it is transparent for user's devices.

Yeah, port scanners are so rare on the Intern

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-10 Thread Stephen J. Wilcox
On Thu, 10 Jun 2004, Sean Donelan wrote:
>
> On Wed, 9 Jun 2004, Alexei Roudnev wrote:
> > This is minor exploit - usually you set up VLAN1 interface with IP address,
> > which is filtered out from outside. Moreover, there is not any good way to
> > find switch IP - it is transparent for user's de

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-10 Thread Christopher L. Morrow
On Wed, 9 Jun 2004, Alexei Roudnev wrote:
>
> This is minor exploit - usually you set up VLAN1 interface with IP address,

'usually' doesn't cover everyone, and some people didn't think ahead or realize that they might have a problem with this :(

> which is filtered out from outside. Moreover, th

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-10 Thread Christopher L. Morrow
On Thu, 10 Jun 2004, joshua sahala wrote: > On (10/06/04 15:26), Christopher L. Morrow wrote: > > > > dns is your friend here :( People love to name things such that they are > > easy to remember. cat5500.floor2.build3.you.com > > > > only if the dns/security/network/whatever admins are stupid en

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-10 Thread James
> Sprint did an interesting presentation at San Francisco, they have successfully > taken p2p addresses out of their IGP and BGP, and are using private addresses > for loopbacks and other things that don't need to be in public space and are > filtering as much as possible. > indeed, and could

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-10 Thread Alexei Roudnev
reason to break it... - Original Message - From: "Sean Donelan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, June 10, 2004 4:19 AM Subject: Re: TCP-ACK vulnerability (was RE: SSH on the router) > > On Wed, 9 Jun 2004, Alexei Roudnev wrote: > >

RE: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-10 Thread Michel Py
> Alexei Roudnev wrote:
> Even if I (if been a hacker) scan your networks and find
> this switch (and you did not moved it out of routable P),
> I will have not any idea, what is it about, where this
> switch is, and have not any reason to break it...

You (being a hacker) need a _reason_ to break

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-11 Thread Alexei Roudnev
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, June 10, 2004 10:11 PM Subject: RE: TCP-ACK vulnerability (was RE: SSH on the router) > Alexei Roudnev wrote: > Even if I (if been a hacker) scan your networks and find > this switch (and you did not moved it out of routable P

Re: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-11 Thread Stephen J. Wilcox
nd have > not any reason to break it... > > > > > - Original Message - > From: "Sean Donelan" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, June 10, 2004 4:19 AM > Subject: Re: TCP-ACK vulnerability (was RE: SSH on the rou

RE: TCP-ACK vulnerability (was RE: SSH on the router)

2004-06-11 Thread Michel Py
> Alexei Roudnev wrote:
> Of course, reason can be as simple as _I have MS_ or as
> complicated as _here is my girlfriend, and if this system
> went down, she will be released earlier_ -:) /most common
> reason was, yep, _getting IRC control_).

Or "just because I can do it". I call these lame exc