Re: Foundry DoS at login prompt

[Val Oliva <voliva () FOUNDRYNET COM>]

Please note that this posting is incorrect.

Foundry's release notes ver. 7.1.09, which is 
the release notes for the FastIron II family 
(FastIron II and FastIron IIPlus) and the 
BigIron family (BigIron 4000 and 8000), 
stated that this problem is "FIXED" in 7.1.09
and NOT a bug. For the ServerIron family, 
release 7.1.06 fixes this problem.

This statement

 "If you entered a very long string when 
  prompted for a Telnet password, then 
  pressed Enter before the software timed out 
  the access attempt, the device reset."

is within the "Software Fixes" section (p. 191), 
which itemizes fixes current and earlier 
software releases.

Please contact your local Foundry Sales 
Representative or Engineer for details.

Thanks. Val Oliva


> In the release notes for Foundry code v07.1.09, 
I noticed the statement:
>       If you entered a very long string when 
prompted for a Telnet
>       password, then pressed Enter before the 
software timed out the
>       access attempt, the device reset.
>
> This functions exactly as it describes on 
FastIrons, BigIrons, and
> ServerIrons I have access to running various 
versions of firmware.
> If you can get to a login prompt, you can 
reload the device.
> This does not appear to affect ssh logins, 
which recent versions of the
> Foundry firmware support.
>
> If you have any Foundry gear with externally 
visible IPs, make sure you
> disable telnet or upgrade your firmware to the 
latest.  This is particularly
> true if you use their load-balancer product, 
the ServerIron, which
> also supposedly functions to keep your site 
highly available.
>                                     -- Aaron