Re: Code red II crashes cisco 678

[Sam <sam () neuroflux com>]

While I haven't had a chance to try and reproduce this on my 675 running
CBOS 2.4.2, I do have a filter put in place that blocks access to port 80
on the modem only.  You might try using the 'set filter' command that's
part of CBOS.

Placing a filter on a IP that is dynamic tends to be a pain, but, it will
at least keep your modem from crashing.

-Sam

On Mon, 6 Aug 2001, JAX wrote:

> Hi Geo .
>
>     Thanx for the advice but it's still crashing. I even changed the web
> port to 81 , they say it's helping
> but it did not help me . My Cbos still looses the ppp conection :
>
> 25 000:00:42:48 PPP        Info       PPP Termination Acknowledgement on
> wan0-0
> 26 000:00:42:48 PPP        Info       PPP Down Event on wan0-0
>
> Any ideea where this is comming from ?
>
> George Sas
> ----- Original Message -----
> From: "Geo." <georger () nls net>
> Sent: Monday, August 06, 2001 4:43 AM
> Subject: Code red II crashes cisco 678
>
>
> > All day I've had customers calling with cisco 678 routers running cbos
> 2.4.2
> > with the web interface disabled. Seems their routers have been crashing.
> >
> > We traced this back to the code red worm. For some reason even with web
> > disabled on these routers port 80 remains open. Simply running a port scan
> > and cutting off the connection is enough to crash the router. Locks up
> > solid.
> >
> > I also found a solution, by doing a
> >
> > set web remote ipaddress
> >
> > where ipaddress is one of their internal IP's you can prevent outside
> > addresses from being able to crash the router.
> >
> > Just a heads up guys, if you are seeing 678's crashing, give it a try,
> it's
> > working here.
> >
> > Geo.