[170925] in North American Network Operators' Group

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

No subject found in mail header

daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Sat Apr 12 21:38:24 2014

Received-SPF: pass (mail146-va3: domain of utc.edu designates 150.182.134.37
 as permitted sender) client-ip=150.182.134.37; envelope-from=Jeff-Kell@utc.edu;
 helo=utcedge02.utc.edu ; ge02.utc.edu ; 
Received: from mail146-va3 (localhost.localdomain [127.0.0.1]) by mail146-va3
 (MessageSwitch) id 1397353047309598_9883;
 Sun, 13 Apr 2014 01:37:27 +0000 (UTC)
Received: from VA3EHSMHS007.bigfish.com (unknown [10.7.14.231])	by
 mail146-va3.bigfish.com (Postfix) with ESMTP id 4693F40266;	Sun, 13 Apr 2014
 01:37:27 +0000 (UTC)
Received: from utcedge02.utc.edu (150.182.134.37) by VA3EHSMHS007.bigfish.com
 (10.7.99.17) with Microsoft SMTP Server (TLS) id 14.16.227.3;
 Sun, 13 Apr 2014 01:37:27 +0000
Received: from UTCCAS2.utc.tennessee.edu (172.27.89.11) by utcedge02.utc.edu
 (172.27.92.17) with Microsoft SMTP Server (TLS) id 14.2.347.0; Sat, 12 Apr
 2014 21:37:54 -0400
Received: from [10.192.252.137] (172.28.11.6) by utccas2.utc.tennessee.edu
 (172.27.89.11) with Microsoft SMTP Server (TLS) id 14.2.318.4; Sat, 12 Apr
 2014 21:37:55 -0400
Message-ID: <5349EA60.3080801@utc.edu>
Date: Sat, 12 Apr 2014 21:37:36 -0400
From: Jeff Kell <jeff-kell@utc.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: Harry Hoffman <hhoffman@ip-solutions.net>, Lamar Owen <lowen@pari.edu>
Subject: Re: Heartbleed Bug Found in Cisco Routers, Juniper Gear
References: <CAPLq3UMWo+k-YtzMGBPPTddYwT1e2Z4h0ieMK2eRHHpfHRtQ0w@mail.gmail.com>
 <5349B81E.8030905@pari.edu>
 <521AB7DF-85DA-47CA-BF4F-AED6F3769CF8@ip-solutions.net>
In-Reply-To: <521AB7DF-85DA-47CA-BF4F-AED6F3769CF8@ip-solutions.net>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="EQNB3lRCf0VI1EPmMpdAB1v3Te5U3rQ69"
X-OriginatorOrg: utc.edu
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Cc: "nanog@nanog.org" <nanog@nanog.org>
X-BeenThere: nanog@nanog.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: North American Network Operators Group <nanog.nanog.org>
List-Unsubscribe: <http://mailman.nanog.org/mailman/options/nanog>,
 <mailto:nanog-request@nanog.org?subject=unsubscribe>
List-Archive: <http://mailman.nanog.org/pipermail/nanog/>
List-Post: <mailto:nanog@nanog.org>
List-Help: <mailto:nanog-request@nanog.org?subject=help>
List-Subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,
 <mailto:nanog-request@nanog.org?subject=subscribe>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

--EQNB3lRCf0VI1EPmMpdAB1v3Te5U3rQ69
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 4/12/2014 8:55 PM, Harry Hoffman wrote:
> Didn't Cisco already release a bunch of updates related to Anyconnect a=
nd heartbleed?

There were AnyConnect for iOS (little "i", not big "I") issues with
heartbleed, but everything else has been mostly phone and UCS related.
IOS XE is affected if you have enabled https:// administrative
interface.  Otherwise no (at least not yet, they're still checking).

There were, however, four separate security issues released this week
that affected SSL VPN, AnyConnect, and ASAs (I had to patch our ASAs
even though we do not do SSL VPN or AnyConnect, there is a DoS attack
possible via SIP).



--EQNB3lRCf0VI1EPmMpdAB1v3Te5U3rQ69
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iEYEARECAAYFAlNJ6m4ACgkQiwXJq373XhYKzQCfTrS9yvsJ+pghD4s+/jEVZnS5
yG0AnizYyjinOinDk3FrObgfiQwapBAx
=S9HZ
-----END PGP SIGNATURE-----

--EQNB3lRCf0VI1EPmMpdAB1v3Te5U3rQ69--

home	help	back	first	fref	pref	prev	next	nref	lref	last	post