Hi all. I saw today the vulnerability alert on Cisco IOS. The workaround is to implement ACL?s that block packets from unknown sources directed to an exposed interface. Thinking about a perimeter router, i have one router with a "tcp any any established" ACL. I also have ICMP opened in this same router, any -> any. Are this lines enough to make this interface vulnerable to the possible attack? What do you think about it? ---------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Jul 17 2003 - 11:29:40 PDT