North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: OPS: SECURITY new packet of death
The obvious fix is to block at your firewall, gw, and/or router any packet with a source address/port that matches the destination address/port. Several Cisco IOS filters have have passed through BugTraq mailing list to solve this problem. All of these filters can be located at: http://www.geek-girl.com/bugtraq Regards, Nathan Bates On 21-Nov-97 Leigh Porter wrote: > Charley Kline wrote: > >> > land.c is this program >> >> I tried it against a 7505 running 11.2(9)P and a 2511 running >> 11.2(7a), >> with no obvious bad effects. The announcement does not indicate which >> IOS versions are vulnerable; I'd love to know. >> >> -- >> Charley Kline [email protected] >> UIUC Network Architect n stuff > > I can confirm this, yet customers on 10.0 have had problems. > > I would like to know wether Cisco will be letting all those people with > 10.0 > have free upgrades to 11.0 in view of the potential seriousnes of this > bug. > > -- > > Leigh Porter - Wisper Bandwidth Plc - http://www.wisper.net > GeekCode - http://saratoga.wisper.net:9999/~leigh/ > Set UR PC 3 - http://www.linux.org > > Nathan Brock Bates <[email protected]> internetMCI iNOC <[email protected]> ------------------------------------------------------------------------- The opinions expressed herein do not express those of internetMCI or MCI.
|