Re: [Dshield] Non-IPv4 Internet Traffic
- To: General DShield Discussion List <[EMAIL PROTECTED]>
- Subject: Re: [Dshield] Non-IPv4 Internet Traffic
- From: Mark Tombaugh <[EMAIL PROTECTED]>
- Date: Wed, 1 Oct 2003 20:17:52 -0400
- In-reply-to: <[EMAIL PROTECTED]>
- Old-x-envelope-to: [EMAIL PROTECTED]
- Organization: Allied Computer Corporation
- References: <[EMAIL PROTECTED]>
- Reply-to: General DShield Discussion List <[EMAIL PROTECTED]>
- Sender: [EMAIL PROTECTED]
On Wednesday 01 October 2003 9:50 am, Jon R. Kibler wrote:
> If the answer to the above questions is 'no', then why was the Cisco IOS
> bug considered such a risk?
Which bug?
The recent IOS advisory I'm thinking of only deals with IPv4 packets:
<http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml>
"Cisco routers are configured to process and accept Internet Protocol version
4 (IPv4) packets by default. IPv4 packets handled by the processor on a Cisco
IOS device with protocol types of 53 (SWIPE), 55 (IP Mobility), or 77 (Sun
ND), all with Time-to-Live (TTL) values of 1 or 0, and 103 (Protocol
Independent Multicast - PIM) with any TTL value, may force the device to
incorrectly flag the input queue on an interface as full. A full input queue
will stop the device from processing inbound traffic on that interface and
may result in routing protocols dropping due to dead timers."
If this is what you're referring to, it was such a risk because it was so
easily exploited, and for detection, you can use snort since it is IP.
<http://www.cisco.com/go/psirt/>
Excuse me if I'm off target, this post dos'd my brain.
--
Mark Tombaugh <[EMAIL PROTECTED]>
Allied Computer Corporation <http://www.alliedcc.com>
USiHOST, iNC. <http://www.usihost.com>
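
The protocol and TTL conditions quoted from the advisory in the message above, written as a check over raw IPv4 headers. This is an added example, not part of the original post or of Cisco's advisory; the function names are hypothetical and the sample headers and addresses are constructed.

```python
import socket
import struct

# Protocol numbers and TTL conditions as quoted from the advisory above.
TTL_0_OR_1 = {53: "SWIPE", 55: "IP Mobility", 77: "Sun ND"}
ANY_TTL = {103: "PIM"}


def check_ipv4_header(raw):
    """Return a reason string if the header matches the quoted conditions."""
    if len(raw) < 20:
        return None  # too short to hold an IPv4 header
    version, ihl = raw[0] >> 4, raw[0] & 0x0F
    if version != 4 or ihl < 5:
        return None  # not IPv4, or an invalid header length
    ttl, proto = raw[8], raw[9]
    if proto in ANY_TTL:
        return "proto %d (%s), ttl %d" % (proto, ANY_TTL[proto], ttl)
    if proto in TTL_0_OR_1 and ttl <= 1:
        return "proto %d (%s), ttl %d" % (proto, TTL_0_OR_1[proto], ttl)
    return None


def scan(headers):
    """Return (index, src, dst, reason) for each matching header."""
    hits = []
    for i, raw in enumerate(headers):
        reason = check_ipv4_header(raw)
        if reason:
            src = socket.inet_ntoa(raw[12:16])
            dst = socket.inet_ntoa(raw[16:20])
            hits.append((i, src, dst, reason))
    return hits


def sample_header(proto, ttl, src="192.0.2.10", dst="198.51.100.1"):
    """Constructed 20-byte IPv4 header for test input (checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


# Constructed samples: TCP, SWIPE ttl 1, IP Mobility ttl 0, Sun ND ttl 64,
# PIM ttl 255, UDP ttl 1. Only indexes 1, 2 and 4 meet the quoted conditions.
SAMPLES = [sample_header(6, 64), sample_header(53, 1), sample_header(55, 0),
           sample_header(77, 64), sample_header(103, 255), sample_header(17, 1)]

if __name__ == "__main__":
    for hit in scan(SAMPLES):
        print(hit)
```

The check looks only at protocol number and TTL; it does not decide whether a packet would be handled by the device's processor, which the quoted advisory text makes a condition.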