I believe there is some clarification to your 'DoS' that should be stated. What versions of Cisco IOS are you referring to? But either way you are referring to 2 separate, possibly 3 separate features of Cisco IOS.

Port 23 (telnet obviously) spawns a 'virtual terminal' when it receives a connection. This can be protected from 'unauthorized' access by an ACL. Instead of applying an interface-specific ACL, you should place one in the actual line VTY config.

Regarding ports 2001, 4001, 6001, and 9001: those are all 'reverse telnet' ports for the AUX port. In my experience I have seen several routers that do have this misconfigured; however, a DoS attack against this port is of no importance. The simple fix is to apply 'transport input none' to the AUX port. And if the administrator actually knows what he is doing, and needs reverse telnet ability to the router's AUX port, once again an ACL can be applied to only allow specific access.

I agree that if the reverse telnet to the AUX is used, it can be tied up just by connecting to one of the ports 2001, 4001, ... and no other port will answer a connection (assuming no ACL is installed). However, currently I do not consider what you have stated a DoS attack. I have not seen any router 'reboot' from anything you have stated. Please post more information to clarify.

joej
Mr_JoeJat_private

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
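The two fixes the reply recommends (an access-class on the VTY lines, and 'transport input none' or an access-class on the AUX line) are easy to audit for in a saved running-config. The following is an added example, not code from the original post or from Cisco: a small Python checker that parses the 'line' sections of a constructed IOS-style config and reports VTY lines without an access-class and an AUX line that still accepts reverse telnet without one. The config text and hostname are made up for the example.

```python
import re

# Constructed sample running-config (not from the original post). The
# aux line accepts reverse telnet and the second vty block has no ACL.
SAMPLE_CONFIG = """\
hostname edge-rtr
access-list 10 permit 192.0.2.0 0.0.0.255
access-list 10 deny any log
line con 0
line aux 0
 transport input all
line vty 0 4
 access-class 10 in
 transport input telnet
line vty 5 15
 transport input telnet
"""

# Same config with the fixes the post describes applied.
HARDENED_CONFIG = SAMPLE_CONFIG.replace(
    " transport input all", " transport input none"
).replace(
    "line vty 5 15\n", "line vty 5 15\n access-class 10 in\n"
)

def parse_lines(config):
    """Map each 'line ...' section to its access-class and transport input."""
    sections, current = {}, None
    for raw in config.splitlines():
        if not raw.startswith(" "):          # top-level statement
            m = re.match(r"line (\S+ .*)$", raw.strip())
            current = m.group(1) if m else None
            if current:
                sections[current] = {"access-class": None, "transport": None}
            continue
        if current is None:
            continue
        stmt = raw.strip()
        if stmt.startswith("access-class "):
            sections[current]["access-class"] = stmt.split()[1]
        elif stmt.startswith("transport input "):
            sections[current]["transport"] = stmt[len("transport input "):]
    return sections

def audit(config):
    """Return findings for AUX/VTY lines left reachable without an ACL."""
    findings = []
    for name, s in parse_lines(config).items():
        if name.startswith("aux") and s["transport"] != "none" and not s["access-class"]:
            findings.append(f"line {name}: reverse telnet open ({s['transport'] or 'default'}), no access-class")
        elif name.startswith("vty") and not s["access-class"]:
            findings.append(f"line {name}: no access-class on vty")
    return findings
```

Running `audit(SAMPLE_CONFIG)` flags the AUX line and 'vty 5 15'; `audit(HARDENED_CONFIG)` returns no findings.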
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:47 PDT