[35109] in North American Network Operators' Group
Re: Warning: Cisco RW community backdoor.
daemon@ATHENA.MIT.EDU (Jim Duncan)
Tue Feb 27 00:31:16 2001
Message-Id: <200102270505.AAA04748@rtp-msg-core-1.cisco.com>
From: Jim Duncan <jnduncan@cisco.com>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
In-Reply-To: Message from Sean Donelan <sean@donelan.com>
of "26 Feb 2001 18:47:31 PST." <20010227024731.20734.cpmta@c004.sfo.cp.net>
Date: Tue, 27 Feb 2001 00:05:39 -0500
Errors-To: owner-nanog-outgoing@merit.edu
Sean Donelan writes:
>
> Anyone with a Smartnet contract have a response from Cisco yet? I really
> need to get my own Smartnet number.
>
No need. I'll post the advisory as soon as I can get it ready. It's
probably going to be another hour or two.
The only reason I've paused to post this response is to ask everyone to
wait for the advisory and stop experimenting. This one is really
strange in the interactions with various releases, features, and
hardware. The real problem is that if you try enough different
combinations of config commands to shut off the problem, you'll put your
ATM connections in a very poor state (that's the best way I can put it).
As a side note, this is a problem with the standards. In particular,
how the standards _require_ a function to be implemented.
Please wait for the advisory.
Thanks!
Jim
--
Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc.
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
E-mail: <jnduncan@cisco.com> Phone(Direct/FAX): +1 919 392 6209
