North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: New Cisco Vulnerability

  • From: Michael Sinatra
  • Date: Wed Jul 16 18:54:11 2003

On Wed, 16 Jul 2003, Eric Gauthier wrote:

> Ok, fine, don't tell the rest of use what it is, how to detect it, or how
> to defend against it.  We in the university space will just do nothing because
> we have nothing to put into our IDS sensors to watch for/block it out.
> Because, you know, we're going to be the sources :)

And then we'll hear all of the usual flak about how universities are
unprepared to handle security problems...

I would just like to hear if there is a publicly available fix yet.
If the backbone carriers have already scheduled their work, then they
likely have a fix in hand.  If the fix isn't available, then a rough
schedule would be good so we can plan.

I'd like to understand the vulnerability, but I'd certainly be okay with
cisco saying "psst.  put this version of IOS on your boxes.  don't ask us
why just yet.  we'll explain more later."

Or, maybe they WANT *our* routers to kick over so that we can't source the