North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Please Check Filters - BOGON Filtering IP Space 126.96.36.199/19
- From: Rob Thomas
- Date: Thu Jan 20 20:35:04 2005
Will makes an excellent point here:
] I beg to differ - 3/4 of the Cisco routers in (enterprise) production are
] *unmaintained*. These will have a variety of vulnerable, buggy or just plain
] crap IOS versions and no-one would've even considered upgrading for years.
While I don't have any numbers, I can say that we see a LOT of
routers overtly compromised and modified as a result. The
modifications are generally scripted, and include changing the
passwords (to anything but "cisco"), disabling logging, and
adding filters. You'd think such things would be rather
obvious, and they are, yet no one notices.
Most of these compromised routers are at the end of FR or
frac-T connections. I suspect a great many of them were
configured once, then left to rot with the same code and
configuration for years and years.
Shaving with Occam's razor since 1999.