[45747] in North American Network Operators' Group
Re: Operational Impact of CA-2002-03 ?
daemon@ATHENA.MIT.EDU (Joel Baker)
Thu Feb 14 15:41:51 2002
From: "Joel Baker" <lucifer@lightbearer.com>
Date: Thu, 14 Feb 2002 13:41:18 -0700
To: nanog@merit.edu
Message-ID: <20020214134118.A31758@lightbearer.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020214020043.A11469@uu.net>; from fscalzo@UU.NET on Thu, Feb 14, 2002 at 02:00:44AM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, Feb 14, 2002 at 02:00:44AM -0500, Frank B. Scalzo wrote:
>
>
> Has anyone seen any discernable operational impact from CA-2002-03? Things
> like: increase in SNMP probes, increase in bgp churn due to outside networks
> being affected, customer complaints, increase in number of customer flaps,
> anyone willing to admit to being directly impacted, anyone willing to admit
> surviving an attempt, does anyone have any evidence of an actual exploit,
> any evidence that people wearing the wrong color hats are using this or
> trying to?
#include <stddisclaimer>
We saw a few boxes which appeared to have been compromised in the past day
or two, and which were running SNMPd. On the other hand, they were also
running other potentially dangerous network interfaces as well, so the
timing may well be coincidental.
--
***************************************************************************
Joel Baker System Administrator - lightbearer.com
lucifer@lightbearer.com http://users.lightbearer.com/lucifer/
