North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
RE: Working vulnerability? (Cisco exploit)
- From: Christopher L. Morrow
- Date: Fri Jul 18 12:19:20 2003
On Fri, 18 Jul 2003 jlewis@lewis.org wrote:
>
> On Fri, 18 Jul 2003, Ben Buxton wrote:
>
> > It's released and it works - I have verified it in a lab here.
>
> And others are trying it in the field now. I setup the recommended
> transit ACLs yesterday. Starting at 9:25am EDT this morning, those ACLs
> started getting hits. What doesn't make sense to me is according to the
> advisory, the packets have to be destined for the router to crash it (not
> just passed through it), but people are attacking seemingly random IPs,
> including ones in a new ARIN block that have not yet been assigned/used
> for anything. What do they think they're attacking?
>
Is there wide spread use of the protocol 55? (IP Mobility) There seems to
be alot of that around, more than I'd have expected :)
|
