Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19

  • From: Rob Thomas
  • Date: Thu Jan 20 20:35:04 2005

Hi, NANOGers.

Will makes an excellent point here:

] I beg to differ -  3/4 of the Cisco routers in (enterprise) production are
] *unmaintained*. These will have a variety of vulnerable, buggy or just plain
] crap IOS versions and no-one would've even considered upgrading for years.

While I don't have any numbers, I can say that we see a LOT of
routers overtly compromised and modified as a result.  The
modifications are generally scripted, and include changing the
passwords (to anything but "cisco"), disabling logging, and
adding filters.  You'd think such things would be rather
obvious, and they are, yet no one notices.

Most of these compromised routers are at the end of FR or
frac-T connections.  I suspect a great many of them were
configured once, then left to rot with the same code and
configuration for years and years.

Thanks,
Rob.
-- 
Rob Thomas
http://www.cymru.com
Shaving with Occam's razor since 1999.





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.