[14058] in North American Network Operators' Group
RE: Advisory - tunneling of IP at exchange points.
daemon@ATHENA.MIT.EDU (Dave Van Allen)
Wed Nov 26 08:50:41 1997
From: Dave Van Allen <dave@fast.net>
To: "'Paul Thornton'" <prt@linx.net>, nanog@merit.edu
Date: Wed, 26 Nov 1997 08:20:03 -0500
Thanks Paul, wonderful job. Side-note (taken from the exploit write-up
http://www.linx.net/tunnel-advisory.txt):
>// Adding "log-input" to the end of each access-list line will log
>// the hardware address of the sender for good measure. IOS 11.1
>// and upwards only (from memory)
We find log-input to very unreliable and often producing wrong
information. It indeed operates differently across the 11.1 train (no
comment on 11.2 offered) I think 11.1.15 breaks it badly. Albeit
improperly worded and not well defined in print on CCO, please reference
cisco BUGid CSCdj40503 prior to trusting log-input for any valid info.
Best regards,
David Van Allen - FASTNET(tm) / You Tools Corporation
dave@fast.net (888)321-FAST(3278) http://www.fast.net
FASTNET - Business and Personal Internet Solutions
> -----Original Message-----
> From: Paul Thornton [SMTP:prt@linx.net]
> Sent: Tuesday, November 25, 1997 9:47 AM
> To: nanog@merit.edu
> Cc: eof@ripe.net; se-gix@sunet.se; mae-east-tech@uu.net;
> membership@linx.net; ops@linx.net
> Subject: Advisory - tunneling of IP at exchange points.
>
> -- PLEASE NOTE: If you are replying to this, consider pruning the list
> -- of cc's rather than crossposting replies wildly!
> Thanks.
>
[snip]
> The LINX and several of its members have recently had to take action
> against an ISP that was using GRE tunneling between exchange points
> to appropriate the capacity of other ISPs.
>
> Keith Mitchell
>
> Chairman
> London InterNet Exchange keith@linx.org
> Geneva House, 3 Park Road
> Peterborough PE1 2UX
> United Kingdom
> Phone: +44 1733 705000 (fax 353929)
>
>
> Paul
>
> --
> Paul Thornton, Network Engineer, London Internet Exchange Ltd.
> Tel: 07000 783797 Mobile: +44 467 372205
