[182043] in North American Network Operators' Group
Re: Possible Sudden Uptick in ASA DOS?
daemon@ATHENA.MIT.EDU (Jared Mauch)
Thu Jul 9 17:39:17 2015
X-Original-To: nanog@nanog.org
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <op.x1izloggtfhldh@rbeam.xactional.com>
Date: Thu, 9 Jul 2015 17:39:16 -0400
To: Ricky Beam <jfbeam@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On Jul 9, 2015, at 5:35 PM, Ricky Beam <jfbeam@gmail.com> wrote:
>=20
> On Thu, 09 Jul 2015 07:27:16 -0400, Jared Mauch =
<jared@puck.nether.net> wrote:
>> Really just people not patching their software after warnings more =
than six months ago:
>=20
> A lot goes into "updates". Not the least of which is *knowing* about =
the issue. Then getting the patched code, then lab testing, then =
regulatory approval(s), then maintenance window(s)=E2=80=A6
Not my first rodeo.
Once again, it=E2=80=99s been since October 2014. If you failed to pay =
your credit card bill from October 2014 you can=E2=80=99t expect it to =
work either.
>=20
>> Cisco has released free software updates that address these =
vulnerabilities. Workarounds that mitigate some of these vulnerabilities =
are available.
>=20
> "Free" if you have a support contract. (the clause 3 "contact TAC" =
method is all too often a serious pain in the ass.)
I=E2=80=99ve never had issues getting them to open a case for this =
hardware. You can either operate responsibly or not.
I wouldn=E2=80=99t be surprised if the situation gets worse. Either =
way, upgrade/patch/silo as necessary.
- Jared=
