Vulnerability Development mailing list archives
Cisco 678 exploit
From: George <georger () NLS NET>
Date: Wed, 11 Oct 2000 21:55:31 -0400
Let me start off by saying I'm no network expert but I found something that I though was rather interesting. Setup: Cisco 678 DSL router connecting 2 machines to the internet. Machines are using routable IP addresses (NAT is disabled) and are fully pingable from the internet side. By sending the following broadcast packet from Machine1, Machine2 can no longer talk to the internet. I don't know enough about protocols to know why but I think the broadcast is changing something in the 678 router judging from the network sniff I ran. Anyway, this is the packet: 00000: FF FF FF FF FF FF 00 80 29 61 9B 39 00 2C E0 E0 ........)a.9.,.. 00010: 03 FF FF 00 28 00 01 00 00 00 00 FF FF FF FF FF ....(........... 00020: FF 04 53 00 00 00 00 00 80 29 61 9B 39 04 53 00 ..S......)a.9.S. 00030: 02 92 23 33 C3 00 01 00 02 00 ..#3...... It is an IPX RIP broadcast of some kind (RIPX) and within a second or two of this packet machine2 drops off the internet. Machine2 does not have IPX installed, only tcp/ip. Is there anyone on this list who could help me track this down further? It seems to me that if this is in fact affecting the router and not machine2 that this would be a very simple way for one person inside a company to knock out the internet connection so I think it could classify as an exploit. Geo.
Current thread:
- Netscape crashes, sec. bug? Sylvan Ravinet (Oct 10)
- Re: Netscape crashes, sec. bug? Erik Tayler (Oct 10)
- Cisco 678 exploit George (Oct 11)
- news story and router passwords Vitaly Osipov (Oct 12)
- Re: news story and router passwords Talisker (Oct 12)
- Re: news story and router passwords Mathias Wegner (Oct 13)
- Re: news story and router passwords Ralph Moonen (Oct 12)
- Re: news story and router passwords Lincoln Yeoh (Oct 12)
- Re: news story and router passwords Mark Teicher (Oct 13)
- Re: news story and router passwords Talisker (Oct 13)
- Re: news story and router passwords Mark Teicher (Oct 14)
- Re: news story and router passwords Talisker (Oct 14)
- Re: news story and router passwords Mark Teicher (Oct 14)
- Cisco 678 exploit George (Oct 11)
- Re: Netscape crashes, sec. bug? Erik Tayler (Oct 10)