nanog mailing list archives
RE: Saying goodnight to my GSR
From: "Keith Medcalf" <kmedcalf () dessus com>
Date: Sat, 20 Sep 2014 15:17:17 -0600
I do not see any vulnerabilities listed there. Only documentation of behavioral bugs, caveats, and restrictions. A "vulnerability" would be something like the one Microsoft introduced into all versions of the Windows IP stack after Windows 2003 and Windows XP wherein "the Operating System will execute the payload of an IP packet with SYSTEM authority and SYSTEM integrity when a crafted IP packet is received in which a certain combination of invalid and reserved header bits are set".
-----Original Message----- From: Ruairi Carroll [mailto:ruairi.carroll () gmail com] Sent: Saturday, 20 September, 2014 14:57 To: Keith Medcalf Cc: Daniel Sterling; Bacon Zombie; nanog () nanog org Subject: Re: Saying goodnight to my GSRAnd what, exactly, is it vulnerable to?Most of these, I'd imagine: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/release/ntes/120SCAVS.html On 20 September 2014 14:25, Keith Medcalf <kmedcalf () dessus com> wrote: And what, exactly, is it vulnerable to? >-----Original Message----- >From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Daniel Sterling >Sent: Saturday, 20 September, 2014 12:06 >To: Bacon Zombie >Cc: nanog () nanog org >Subject: Re: Saying goodnight to my GSR > >Again, you're focusing resentment towards someone who did the right >thing. Negative reinforcement will discourage others from taking >action and will discourage them from encouraging others to take >action. > >Let's focus on who still has vulnerable equipment and how to help >them. Let's not shame people who did the right thing > >Thanks, >Dan > > >On Sat, Sep 20, 2014 at 1:59 PM, Bacon Zombie <baconzombie () gmail com> >wrote: >> OK thank you for decommissioning this.* >> >> * Only if you either had authority to do so for max 1 year or had no >> authority but were fighting to have it patches or replaced for years. >> On Sep 20, 2014 7:54 PM, "Daniel Sterling" <sterling.daniel () gmail com> >> wrote: >> >>> On Sat, Sep 20, 2014 at 1:37 PM, Bacon Zombie <baconzombie () gmail com> >>> wrote: >>> >>> > So when was the last time you patched this internet facing device? >>> >>> Isn't the better response, thank you for decommissioning it? >>> >>> Can someone from cisco set up a poll or release whatever numbers they >>> have about how many of these old devices are still in service? >>> >>> Thanks, >>> Dan >>>
Current thread:
- Re: Saying goodnight to my GSR, (continued)
- Re: Saying goodnight to my GSR Jeroen Massar (Sep 20)
- Re: Saying goodnight to my GSR James R Cutler (Sep 20)
- Re: Saying goodnight to my GSR Matthew S. Crocker (Sep 20)
- Re: Saying goodnight to my GSR Bacon Zombie (Sep 20)
- Re: Saying goodnight to my GSR Joel Jaeggli (Sep 20)
- Re: Saying goodnight to my GSR Daniel Sterling (Sep 20)
- Re: Saying goodnight to my GSR Bacon Zombie (Sep 20)
- Re: Saying goodnight to my GSR Daniel Sterling (Sep 20)
- RE: Saying goodnight to my GSR Keith Medcalf (Sep 20)
- Re: Saying goodnight to my GSR Ruairi Carroll (Sep 20)
- RE: Saying goodnight to my GSR Keith Medcalf (Sep 20)
- Re: Saying goodnight to my GSR Saku Ytti (Sep 20)
- Re: Saying goodnight to my GSR Alain Hebert (Sep 22)
- Message not available
- Re: Saying goodnight to my GSR Larry Sheldon (Sep 22)
- Re: Saying goodnight to my GSR Matthew S. Crocker (Sep 20)
- Re: Saying goodnight to my GSR Jared Mauch (Sep 20)
- Re: Saying goodnight to my GSR Tom Hill (Sep 21)
- RE: Saying goodnight to my GSR Justin M. Streiner (Sep 22)
- RE: Saying goodnight to my GSR Jim Devane (Sep 22)