Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Should nmap cause a DoS on cisco routers?

From: Dan Kaminsky <dan () doxpara com>
Date: Thu, 1 Jul 2010 21:54:00 -0400
Agreed completely on don't panic.



On Jul 1, 2010, at 9:30 PM, "Dobbins, Roland" <rdobbins () arbor net>  
wrote:



On Jul 2, 2010, at 8:13 AM, Lee wrote:


so presumably the scan came from a network that had full access to  
the routers.


One question is whether or not the network in question *should* have  
full access to the management plane of the routers.

;>


That's a bit harder to defend against.



Sure, but also note that CoPP, HWRL, and the like can help,  
depending upon the platform.

Don't get me wrong; this should be investigated further, and PSIRT  
are on it.  My point is that folks don't need to go into panic mode,  
but should educate themselves as to how to defend their network  
infrastructure against attack and then deploy the relevant BCPs.

--- 
--------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

   Injustice is relatively easy to bear; what stings is justice.

                       -- H.L. Mencken



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: