North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Patching for Cisco vulnerability
On Fri, Jul 18, 2003 at 09:21:28PM +0200, Daniel Roesen wrote: > > On Fri, Jul 18, 2003 at 03:04:45PM -0400, Jared Mauch wrote: > > most providers can easily go from (for example) > > 12.0(21)S3 to 12.0(21)S7 with less testing than from 12.0(21)S to 12.0(25)S > > 12.0(21)S* (at least S5 and above) have broken SNMP interface counters > and Cisco refuses to fix the bug in 12.0(21)S*, so people who don't Do you have a DDTS I can reference? > want to lose money (accounting) are forced to upgrade to 12.0(25)S*. > I guess they want to force all "conservative" ISPs to jump over > the 12.0(22)S "barrier". I agree that Cisco should actually take more serious ownership of these issues within a customers network. They're selling us these software/hw and claiming that we can obtain a particular SLA level. Yet they can't seem to add in some code that says if (ifc->in_bps > ifc->phy_speed || ifc->out_bps > ifc->phy_speed) { crash_router(); } If they added this code, they'd find these bugs in their labs instead of in our networks. - jared -- Jared Mauch | pgp key available via finger from [email protected] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
|