[17883] in bugtraq
Re: Cisco 675 Denial of Service Attack
daemon@ATHENA.MIT.EDU (poke)
Fri Dec 1 13:34:18 2000
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.BSI.4.05L.10011302044170.21281-100000@oly.silverlink.net>
Date: Thu, 30 Nov 2000 20:45:36 -0800
Reply-To: poke <poke@OLY.SILVERLINK.NET>
From: poke <poke@OLY.SILVERLINK.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20001130114037.B16593@securityfocus.com>
QWest DSL (of which I am a customer/user) uses the 675 in bridging mode
(in fact that is how it was delivered). AFIK it can be affected by traffic
about as much as a dumb hub can. However, you can make it active, give it
an IP address etc if you want to use it's NAT or WebAdmin capabilities.
Then you are vulnerable... 99% of those QWest customers who use the 675
probably wouldn't have a clue or a reason to change this.
-Chuck
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:"Condense fact from the vapor of nuance"| $s=$ARGV[0];$n='';while($s) :
: 25 -> ten.knilrevlis@wkcuhc | {$s=~s/(.$)//;$n=$n.$1;} :
: 80 -> ekop/ten.knilrevlis.www//:ptth | print "$n\n"; :
----------------------------------------------------------------------
Organization is the destruction of truth...
