nanog mailing list archives
Re: Patching for Cisco vulnerability
From: Måns Nilsson <mansaxel () sunet se>
Date: Sun, 20 Jul 2003 12:34:11 +0200
--On Friday, July 18, 2003 12:29:30 -0600 Irwin Lazar <ILazar () burtongroup com> wrote:
Just out of curiosity, are folks just applying the Cisco patch or do you go through some sort of testing/validation process to ensure that the patch doesn't cause any other problems? Given typical change management procedures how long is taking you to get clearance to apply the patch? I'm trying here to gauge the length of time before this vulnerability is closed out.
We had a phone conference with our Cisco people thursday lunch MEST and agreed on a testing scheme, where we would upgrade one of the (redundant) core routers and one access router (our network basically has two kinds of Cisco equipment, 12400 as core and 10700 as CPE) and let them run for an hour -- if no problems by then we'd roll the upgrade through the network, trying not to blackhole our customers. We went from 12.0(23)S1 to 12.0(23)S3, and it was mostly painless. -- Måns Nilsson Systems Specialist +46 70 681 7204 KTHNOC MN1334-RIPE We're sysadmins. To us, data is a protocol-overhead.
Attachment:
_bin
Description:
Current thread:
- Infrastructure Filtering (was Re: Patching for Cisco vulnerability), (continued)
- Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Charles Sprickman (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Petri Helenius (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Niels Bakker (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Curtis Maurand (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Jared Mauch (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Niels Bakker (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Christopher L. Morrow (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Niels Bakker (Jul 18)
- Re: Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Christopher L. Morrow (Jul 18)
- Infrastructure Filtering (was Re: Patching for Cisco vulnerability) Charles Sprickman (Jul 18)