[14010] in North American Network Operators' Group
Re: OPS: SECURITY new packet of death
daemon@ATHENA.MIT.EDU (Nathan Bates)
Tue Nov 25 07:38:56 1997
In-Reply-To: <3475B5E1.DB12FC58@wisper.net>
Date: Fri, 21 Nov 1997 13:52:15 -0500 (EST)
From: Nathan Bates <nbates@mci.net>
To: Leigh Porter <leigh@wisper.net>
Cc: nanog@merit.edu, Charley Kline <kline@uiuc.edu>
The obvious fix is to block at your firewall, gw, and/or router any
packet with a source address/port that matches the destination
address/port.
Several Cisco IOS filters have have passed through BugTraq mailing
list to solve this problem. All of these filters can be located at:
http://www.geek-girl.com/bugtraq
Regards,
Nathan Bates
On 21-Nov-97 Leigh Porter wrote:
> Charley Kline wrote:
>
>> > land.c is this program
>>
>> I tried it against a 7505 running 11.2(9)P and a 2511 running
>> 11.2(7a),
>> with no obvious bad effects. The announcement does not indicate which
>> IOS versions are vulnerable; I'd love to know.
>>
>> --
>> Charley Kline kline@uiuc.edu
>> UIUC Network Architect n stuff
>
> I can confirm this, yet customers on 10.0 have had problems.
>
> I would like to know wether Cisco will be letting all those people with
> 10.0
> have free upgrades to 11.0 in view of the potential seriousnes of this
> bug.
>
> --
>
> Leigh Porter - Wisper Bandwidth Plc - http://www.wisper.net
> GeekCode - http://saratoga.wisper.net:9999/~leigh/
> Set UR PC 3 - http://www.linux.org
>
>
Nathan Brock Bates <nbates@mci.net> internetMCI iNOC <hostmaster@mci.net>
-------------------------------------------------------------------------
The opinions expressed herein do not express those of internetMCI or MCI.
