> It looks like the "Code Red" worm has the added side effect of crashing > Cisco (675/678) DSL CPEs running any CBOS prior to 2.4.1. The GET it sends > looking for IIS servers hardlocks any modem with the web management > interface enabled. FYI.... I believe we're seeing secondary effects on other higher-end Cisco's (i.e. 7500's) ----- Original Message ----- From: "Mike Lewinski" <mikeat_private> To: <nanogat_private> Sent: Thursday, July 19, 2001 1:00 PM Subject: Code Red -> Router Memory depletion? > We've seen two routers experiencing problems this AM that appear to be > related to client swervers infected with the IIS Code Red virus. I say > appear because of the timing with cpu profiles on downstream routers > where infections broke out, but I don't have any direct evidence. > > The first one was a border router: > > Jul 19 08:00:47 5093: 2w5d: %SYS-2-MALLOCFAIL: Memory allocation of > 65540 bytes failed from 0x603BF35C, pool Processor, alignment 0 > Jul 19 08:00:47 5094: -Process= "BGP Router", ipl= 0, pid= 86 > > # sh ver > uptime is 4 hours, 46 minutes > System returned to ROM by bus error at PC 0x603BFCFC, address 0xFFFFFFF0 > at 05:57:21 UTC Thu Jul 19 2001 > > The other one is a client aggregation router > > Jul 19 12:02:49 192: %SYS-2-MALLOCFAIL: Memory allocation of 1964 bytes > failed from 0x314DA4A, pool Processor, alignment 0 > Jul 19 12:02:49 193: -Process= "OSPF Router", ipl= 0, pid= 32 > > (This router is still functioning, but not allowing any incoming > connections on telnet). > > -Mike > >
This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 12:17:36 PDT