Re: CISCO ipv4 DoS code

From: Michael Scheidell (scheidellat_private)
Date: Fri Jul 18 2003 - 12:05:21 PDT

Next message: Renaud Deraison: "Re: CISCO ipv4 DoS code"

Previous message: Renaud Deraison: "CISCO ipv4 DoS code"
In reply to: Renaud Deraison: "CISCO ipv4 DoS code"
Next in thread: Renaud Deraison: "Re: CISCO ipv4 DoS code"
Reply: Renaud Deraison: "Re: CISCO ipv4 DoS code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 
> 
> The attached plugin will supposedly block the interface of a CISCO
> router vulnerable to the widely publicized vulnerability. I did not test
> it, and I don't plan to officially include it (it's redundant with
> cisco_ipv4_dos.nasl which is non-intrusive). As such, its description
> should not be taken too seriously.

but, then again, one of the problems with just relying on the snmp OS
string, or in the case of 'banners', (smtp banners, netbios registry
entries) is that we truly don't do the test.

In the case of this one, yes, its a LOT more intrusive than say, just
KILL_HOST (more like KILL_NET ;0) but should not it be included?  I mean,
there are those other cisco snmp DOS's that will KILL_NET and those are in
the standard distribution.

Next message: Renaud Deraison: "Re: CISCO ipv4 DoS code"
Previous message: Renaud Deraison: "CISCO ipv4 DoS code"
In reply to: Renaud Deraison: "CISCO ipv4 DoS code"
Next in thread: Renaud Deraison: "Re: CISCO ipv4 DoS code"
Reply: Renaud Deraison: "Re: CISCO ipv4 DoS code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 18 2003 - 12:05:58 PDT