[59761] in North American Network Operators' Group
Re: after Cisco IOS exploit patch
daemon@ATHENA.MIT.EDU (Jason Frisvold)
Fri Jul 18 16:42:40 2003
From: Jason Frisvold <friz@corp.ptd.net>
To: Saxon Jones <SaxonJ@interbaun.net>
Cc: "'nanog@merit.edu'" <nanog@merit.edu>
In-Reply-To: <01431EBF3DFFD211AC7E0060971994F502D8CFC1@homer.interbaun.net>
Date: 18 Jul 2003 16:41:59 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--=-W8vWlKJSLXaavtIDYJUe
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Fri, 2003-07-18 at 14:49, Saxon Jones wrote:
> After I upgraded my IOS this morning I've seen 13,844 input errors on
> the port; when looking at the switch the router is connected to I see
> that a very similar number of multi-cast packets (13,423).=20
>=20
> Has anyone else seen this? Is this perhaps what the patch does
> (register exploit packets as input errors)?
FWIW, we re-tested again to check this.. We put the router under a
heavy load of exploited packets and did not see this.. We tested all 4
protocols.
> ________________________
> saxon jones
> network infrastructure admin
> interbaun communications
> suite 200
> 18404 stony plain road
> edmonton, ab
> T5S 2M8
> mailto:netadmin@interbaun.net
> http://www.interbaun.com/
> (780) 447-8276
--=20
---------------------------
Jason H. Frisvold
Backbone Engineering Supervisor
Penteledata Engineering
friz@corp.ptd.net
RedHat Engineer - RHCE # 807302349405893
Cisco Certified - CCNA # CSCO10151622
MySQL Core Certified - ID# 205982910
---------------------------
"Imagination is more important than knowledge.
Knowledge is limited. Imagination encircles
the world."
-- Albert Einstein [1879-1955]
--=-W8vWlKJSLXaavtIDYJUe
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA/GFuXRsoFMdDaiQgRAoiyAJ9xyYSu54MyNlcsiMCkWkJHBmJtiwCg6CM3
tFv22WxaRWLgcHMfI2Ye8E0=
=S8Jd
-----END PGP SIGNATURE-----
--=-W8vWlKJSLXaavtIDYJUe--
