nanog mailing list archives
Re: OPS: SECURITY new packet of death
From: Nathan Bates <nbates () mci net>
Date: Fri, 21 Nov 1997 13:52:15 -0500 (EST)
The obvious fix is to block at your firewall, gw, and/or router any packet with a source address/port that matches the destination address/port. Several Cisco IOS filters have have passed through BugTraq mailing list to solve this problem. All of these filters can be located at: http://www.geek-girl.com/bugtraq Regards, Nathan Bates On 21-Nov-97 Leigh Porter wrote:
Charley Kline wrote:land.c is this programI tried it against a 7505 running 11.2(9)P and a 2511 running 11.2(7a), with no obvious bad effects. The announcement does not indicate which IOS versions are vulnerable; I'd love to know. -- Charley Kline kline () uiuc edu UIUC Network Architect n stuffI can confirm this, yet customers on 10.0 have had problems. I would like to know wether Cisco will be letting all those people with 10.0 have free upgrades to 11.0 in view of the potential seriousnes of this bug. -- Leigh Porter - Wisper Bandwidth Plc - http://www.wisper.net GeekCode - http://saratoga.wisper.net:9999/~leigh/ Set UR PC 3 - http://www.linux.org
Nathan Brock Bates <nbates () mci net> internetMCI iNOC <hostmaster () mci net> ------------------------------------------------------------------------- The opinions expressed herein do not express those of internetMCI or MCI.
Current thread:
- OPS: SECURITY new packet of death Sean Donelan (Nov 21)
- Re: OPS: SECURITY new packet of death Henry Linneweh (Nov 21)
- Re: OPS: SECURITY new packet of death Charley Kline (Nov 21)
- Re: OPS: SECURITY new packet of death James D. Butt (Nov 21)
- Re: OPS: SECURITY new packet of death Leigh Porter (Nov 21)
- Re: OPS: SECURITY new packet of death Nathan Bates (Nov 25)
- Re: OPS: SECURITY new packet of death Karl Denninger (Nov 21)
- Re: OPS: SECURITY new packet of death blast (Nov 21)
- Re: OPS: SECURITY new packet of death Charley Kline (Nov 21)
- Re: OPS: SECURITY new packet of death John Hawkinson (Nov 21)
- Re: OPS: SECURITY new packet of death Alex Rubenstein (Nov 21)
- Re: OPS: SECURITY new packet of death Avi Freedman (Nov 21)
- Re: OPS: SECURITY new packet of death Henry Linneweh (Nov 21)
- <Possible follow-ups>
- Re: OPS: SECURITY new packet of death Daniel MacKay (Nov 21)
- Re: OPS: SECURITY new packet of death Stan Barber (Nov 21)
- Re: OPS: SECURITY new packet of death Michael Behrens (Nov 21)
- RE: OPS: SECURITY new packet of death Darin Fisher (Nov 21)