[45739] in North American Network Operators' Group
Re: Operational Impact of CA-2002-03 ?
daemon@ATHENA.MIT.EDU (Jared Mauch)
Thu Feb 14 09:50:20 2002
Date: Thu, 14 Feb 2002 09:48:47 -0500
From: Jared Mauch <jared@puck.Nether.net>
To: "Frank B. Scalzo" <fscalzo@UU.NET>
Cc: nanog@merit.edu
Message-ID: <20020214144847.GB23223@puck.nether.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020214020043.A11469@uu.net>
Errors-To: owner-nanog-outgoing@merit.edu
I've been watching the acls on various routers on our (my employer)
network as well as on my home network.
I've only seen one host attempt to send any sort
of snmp "goodies" to my network:
Feb 14 05:57:55.239 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.252.53(161), 1 packet
Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.253.53(161), 1 packet
Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.254.53(161), 1 packet
Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.255.53(161), 1 packet
Obviously I don't speak for the entire internet but
i'm not seeing anything that interesting to take note of (imho)
currently.
- Jared
On Thu, Feb 14, 2002 at 02:00:44AM -0500, Frank B. Scalzo wrote:
>
>
> Has anyone seen any discernable operational impact from CA-2002-03? Things
> like: increase in SNMP probes, increase in bgp churn due to outside networks
> being affected, customer complaints, increase in number of customer flaps,
> anyone willing to admit to being directly impacted, anyone willing to admit
> surviving an attempt, does anyone have any evidence of an actual exploit,
> any evidence that people wearing the wrong color hats are using this or
> trying to?
>
> Frank Scalzo
--
Jared Mauch | pgp key available via finger from jared@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
