nanog mailing list archives

Re: CISCO 0-day exploits

From: Justin Wilson <lists () mtin net>
Date: Mon, 10 Feb 2020 13:50:27 -0500


I really thought that more Cisco devices were deployed among NANOG.

I guess that these devices are not used anymore or maybe that I 
understood wrong the severity of this CVE.


A proper network design helps to mitigate flaws like this. If you have CDP off, which many people do, then this exploit 
is not that big of a deal to you.  If your devices are on a management network then it’s not that big of a deal.  Just 
because a certain vendor has vulnerabilities exposed doesn’t it’s an all hand on deck scenario.  Many of the folks on 
NANOG have a good grasp of network design.  Sure, some don’t.  But for the most part they do. 

Justin Wilson
lists () mtin net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

Current thread:

Re: CISCO 0-day exploits, (continued)
- - - Re: CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 10)
    - Re: CISCO 0-day exploits Tom Hill (Feb 10)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 10)
    - Re: CISCO 0-day exploits Saku Ytti (Feb 11)
    - Re: CISCO 0-day exploits Harlan Stenn (Feb 11)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
    - Re: CISCO 0-day exploits Saku Ytti (Feb 11)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
    - Re: CISCO 0-day exploits sronan (Feb 11)
- Re: CISCO 0-day exploits Scott Weeks (Feb 10)
  - Re: CISCO 0-day exploits Justin Wilson (Feb 10)
  - Re: CISCO 0-day exploits Tom Hill (Feb 10)