North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco Vulnerability Testing Results

  • From: alex
  • Date: Sat Jul 19 09:55:49 2003

> All other prior versions of IOS do not contain the software that
> introduced the vulnerability and are probably not vulnerable, but I will
> not be able to confirm that by testing it.
> > So..  everyone running AGS+'s in the core, beware.. *grin*
> The workarounds should apply, but not much else. ;-)

"We are C. We never have a fix. We have a patch... after patch.... after
patch... after patch... after patch... and at some point there is no more
patches, but there is no fix either"

I have this brilliantly simple idea that somehow everyone forgets, while
they tout all the new "advanced stuff". Do not introduce yet another name
for filtering that works only in some cases. Fix the filtering code so we
can filter *anything* at *any packet rate* on *any interface* that pass *any
traffic* without bringing the router to its knees.