Snort mailing list archives
Cisco IOS Interface Blocked by IPv4 Packets
From: Atul Shrivastava <atul_iet () yahoo com>
Date: Sun, 20 Jul 2003 21:21:13 -0700 (PDT)
Hello, I came to know about the following vulnerability in CISCO IOS about denial of service attacks (DDOS) To give a brief description: If an interface on a Cisco IOS device receives a rare, specially crafted sequence of IPv4 packets with any of protocol types 53, 55, 77 or 103, the device may incorrectly flag the input queue as full and will not process any inbound packets. This will result in routing protocols to drop on that interface . The device will have to be rebooted to clear the buffer queue.This attack can be repeated on all interfaces causing the router to be remotely inaccessible and can bring down the router. Rule for this DDOS is not there in the snort.rules Regards, Atul Shrivastava --------------------------------- Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month!
Current thread:
- Cisco IOS Interface Blocked by IPv4 Packets Atul Shrivastava (Jul 21)