nanog mailing list archives

Re: TCP-ACK vulnerability (was RE: SSH on the router)

From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Thu, 10 Jun 2004 05:17:28 +0000 (GMT)



On Wed, 9 Jun 2004, Sean Donelan wrote:


http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml

IP Permit Lists will not provide any mitigation against this vulnerability.

The race is on, who will find your switches first?


makes one wonder about all that virus-foo running around splashing packets
at 0/0:80... I wonder if any of that might have triggered these reloads
over the last, how long? Since catos was born? :(

a good thing, I think, cisco is finding and releasing these
problems/bugs/'features' in their platforms and thus working through
quality control issues. it's nice, other vendors should do the same for
things that get connected  to the public network.

-Chris

Current thread:

RE: SSH on the router - was( IT security people sleep well) McBurnett, Jim (Jun 07)
- TCP-ACK vulnerability (was RE: SSH on the router) Sean Donelan (Jun 09)
  - Re: TCP-ACK vulnerability (was RE: SSH on the router) Stephen J. Wilcox (Jun 09)
    - Re: UDP-TCP-ACK-SYN Attacks Pete (Jun 09)
  - Re: TCP-ACK vulnerability (was RE: SSH on the router) Christopher L. Morrow (Jun 09)
  - Re: TCP-ACK vulnerability (was RE: SSH on the router) Alexei Roudnev (Jun 09)
    - Re: TCP-ACK vulnerability (was RE: SSH on the router) Sean Donelan (Jun 10)
    - Re: TCP-ACK vulnerability (was RE: SSH on the router) Stephen J. Wilcox (Jun 10)
    - Re: TCP-ACK vulnerability (was RE: SSH on the router) James (Jun 10)
    - Re: TCP-ACK vulnerability (was RE: SSH on the router) Alexei Roudnev (Jun 10)
    - Re: TCP-ACK vulnerability (was RE: SSH on the router) Stephen J. Wilcox (Jun 11)
    - Re: TCP-ACK vulnerability (was RE: SSH on the router) Christopher L. Morrow (Jun 10)
    - Message not available
    - Re: TCP-ACK vulnerability (was RE: SSH on the router) Christopher L. Morrow (Jun 10)