nanog mailing list archives
Re: Cisco IOS Failure due to Virus
From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Fri, 12 Sep 2003 13:56:55 +0100 (BST)
On Fri, 12 Sep 2003, Petri Helenius wrote:
Stephen J. Wilcox wrote:Hi, we've seen this.. yuo need to make sure you filter the nachi worm 92 byte icmp echo's on your interfaces and it will be fine. The problem seems to be input buffers which use all the memory up for some reason.This sounds vaguely similar to the recent IOS buffers stuck issue.
No, its quite different 1: On the vuln. the buffer filled up and could not be emptied without a reboot On nachi the buffer doesnt seem to fill and an acl or shutting the interface will solve the problem whilst the router stays up 2: On the vuln. the outcome was that the particular interface stopped forwarding traffic On nachi the router runs out of main memory and starts dropping processes because of malloc failure FYI I have only encountered the nachi problem on a few PE routers which were old and had little memory anyway eg Cisco 2500.. presumably the buffer filling isnt a memory leak and providnig there is enough spare memory the router wont be affected in this way. Steve
Current thread:
- Cisco IOS Failure due to Virus Richard J . Sears (Sep 10)
- Re: Cisco IOS Failure due to Virus Robert Blayzor (Sep 10)
- Re: Cisco IOS Failure due to Virus Richard J . Sears (Sep 10)
- Some very strange network behaviors Christopher Bird (Sep 10)
- Re: Some very strange network behaviors Stephen J. Wilcox (Sep 11)
- Re: Some very strange network behaviors Mike Lewinski (Sep 11)
- Re: Some very strange network behaviors Crist Clark (Sep 11)
- Re: Cisco IOS Failure due to Virus Robert Blayzor (Sep 10)
- Re: Cisco IOS Failure due to Virus Stephen J. Wilcox (Sep 11)
- Re: Cisco IOS Failure due to Virus Petri Helenius (Sep 12)
- Re: Cisco IOS Failure due to Virus Stephen J. Wilcox (Sep 12)
- Re: Cisco IOS Failure due to Virus Petri Helenius (Sep 12)
- <Possible follow-ups>
- RE: Cisco IOS Failure due to Virus Niaz, Wajahat (Sep 10)
- RE: Cisco IOS Failure due to Virus Mark Segal (Sep 15)
- RE: Cisco IOS Failure due to Virus Mark Segal (Sep 15)