Hello Doug,

Actually that's not true. Any one of the aforementioned protocols can
fill the queue with ~76 packets. 


Dave Gilmore
Information Security Analyst

--
Intrusense - Securing Business As Usual


-----Original Message-----
From: DOUGLAS GULLETT [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 23, 2003 3:16 PM
To: Alvaro Gordon-Escobar
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Cisco Workaround


I don't think you have to put all the access-list in.  I believe that 
the hack requires a certain combination of packets to the four ports, 
so leaving one or two of them open should still prevent the hack.  That 
might be a good question for Cisco TAC...they should be willing to help 
even if you "misplaced" your SmartNet contract information.  ;-)

Doug



----- Original Message -----
From: Alvaro Gordon-Escobar <[EMAIL PROTECTED]>
Date: Wednesday, July 23, 2003 10:15 am
Subject: Cisco Workaround

> Will this access list modification prevent my internal DNS server
> from updates to itself from my telco's DNS server?
> 
> access-list 101 deny 53 any any
> access-list 101 deny 55 any any
> access-list 101 deny 77 any any
> access-list 101 deny 103 any any
> !--- insert any other previously applied ACL entries here
> !--- you must permit other protocols through to allow normal
> !--- traffic -- previously defined permit lists will work
> !--- or you may use the permit ip any any shown here
> access-list 101 permit ip any any
> 
> Thanks in advance
> 
> ~alvaro Escobar
> 



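The ACL quoted in the original question, run through a minimal first-match evaluator. This is an added example, not part of the thread and not Cisco code. In an IOS extended ACL the token after `permit`/`deny` is the IP protocol (a keyword or a number), so the evaluator matches on the IP protocol field only; the sample packets and the helper names `parse_acl` and `evaluate` are constructed for illustration.

```python
# Added example: first-match evaluation of the extended ACL from the thread.
import re

ACL_TEXT = """\
access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny 103 any any
access-list 101 permit ip any any
"""

# IOS protocol keywords mapped to IP protocol numbers; "ip" matches every protocol.
KEYWORDS = {"ip": None, "icmp": 1, "tcp": 6, "udp": 17}

def parse_acl(text):
    """Return [(action, protocol_number_or_None)]; only 'any any' entries are handled."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("!"):  # skip blanks and IOS comment lines
            continue
        m = re.fullmatch(r"access-list\s+\d+\s+(permit|deny)\s+(\S+)\s+any\s+any", line)
        if m is None:
            raise ValueError(f"unsupported entry: {line!r}")
        action, proto = m.groups()
        entries.append((action, KEYWORDS[proto] if proto in KEYWORDS else int(proto)))
    return entries

def evaluate(entries, ip_protocol):
    """First matching entry wins; every ACL ends with an implicit deny."""
    for action, number in entries:
        if number is None or number == ip_protocol:
            return action
    return "deny"

# Constructed sample packets: (description, IP protocol number, destination port).
# The port is carried only for the description; these ACL entries have no port field.
PACKETS = [
    ("DNS query, UDP port 53", 17, 53),
    ("DNS zone transfer, TCP port 53", 6, 53),
    ("IP protocol 53", 53, None),
    ("IP protocol 103", 103, None),
]

if __name__ == "__main__":
    acl = parse_acl(ACL_TEXT)
    for desc, proto, _port in PACKETS:
        print(f"{desc:32} -> {evaluate(acl, proto)}")
```

Dropping the final `permit ip any any` entry makes every packet fall through to the implicit deny, which is why the quoted comments insist on keeping a permit statement after the four deny lines.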