Security Incidents mailing list archives

RE: Code Red II - Dead Thread

From: Steve Halligan <agent33 () geeksquad com>
Date: Wed, 8 Aug 2001 09:16:22 -0500

Thus, as of yesterday afternoon, here are the setting which I 
have deployed
in the 675 CBOS, which I feel have stopped the lock-up 
problems, at least
for the time being:

WEB Configuration
Is not enabled
Currently accepts connections only from 10.0.0.100
Currently uses port 5

We have found the same problems and to this point Cisco has not acknowledged
that there is a problem.
Another kludge to keep these things up, that I think is a little easier to
explain to end-users, is to 
move the web port.  Like this:
CBOS#set web dis
CBOS#set web port ### <----pick a number here. (81, 56455, 11243, whatever)
CBOS#write
CBOS#reboot

This would even work if someone needed the web port enabled (although, I
can't imagine why they would)

-Steve

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Code Red II - Dead Thread Alfred Huger (Aug 07)
- Re: Code Red II - Dead Thread Dave Laird (Aug 07)
- <Possible follow-ups>
- RE: Code Red II - Dead Thread Steve Halligan (Aug 08)