[22126] in bugtraq
Re: CR vs. CoreBuilder
daemon@ATHENA.MIT.EDU (terry white)
Sun Aug 5 19:08:21 2001
Date: Sun, 5 Aug 2001 15:57:11 -0700 (PDT)
From: terry white <twhite@aniota.com>
To: incidents@securityfocus.com
Cc: linux-admin <linux-admin@vger.kernel.org>, bugtraq@securityfocus.com
In-Reply-To: <200108052112.OAA22327@vtn1.victoria.tc.ca>
Message-ID: <Pine.LNX.4.10.10108051536220.10832-100000@yossarian.aniota.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
on "8-5-2001" "John Nemeth" writ:
: I have a 3Com CoreBuilder 3500 running software version 2.1.0 that
: has been falling over a lot over the last few days.
: NOTE: I don't have any proof that it is CodeRed that is causing the
: CoreBuilder to fall over, but it is highly likely.
... i've noticed a similar problem with a cisco 675 ADSL router. in
particular, i've had to do a cold boot three (3) times 'since' the CR-II
attack started. i had disabled the web command interface, and checking
revealed that still the case.
what i did however, was to assign a port other than the default
(sorry) of '80'. the device has been up 21 hours, despite an order of
magnitude greater CR-II attempts. my server is not published, but in the
last 5 days, i've seen 22, 25, 25, 47, and 60 (so far today: ~16:00 PDT)
events ...
--
... i'm a man , and i can change ,
if i really have to , i guess ...
