 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
Greetings: As I was reviewing our Cisco routers' configurations, the blocks we (rather mindlessly) put into place because of the recent IOS bug for non-IP protocols raised a rather interesting set of questions that had not occurred to me before (but should have): Can non-IP protocols be routed over the Internet in such a way as to produce an undetectable (or at least difficult to detect) DOS or similar attack? Since most of our router rules are IP oriented, and most of our network monitoring tools are IP oriented, could we easily detect a non-IP attack? How would we determine from where it originated? Could such an attack be used to successfully compromise a system? Could non-IP services be used to access remote-control zombies on an already compromised system? etc. If the answer to the above questions are 'no', then why was the Cisco IOS bug considered such a risk? Finally, can the Internet now route IPv6 traffic and, if so, what precautions should we be taking? TIA for all insight offered! Jon R. Kibler Chief Technical Officer A.S.E.T., Inc. Charleston, SC USA (843) 849-8214 ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email. _______________________________________________ list mailing list [EMAIL PROTECTED] To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.