On Sun, 5 Aug 2001, Geo. wrote: > All day I've had customers calling with cisco 678 routers running cbos 2.4.2 > with the web interface disabled. Seems their routers have been crashing. > > We traced this back to the code red worm. For some reason even with web > disabled on these routers port 80 remains open. Simply running a port scan > and cutting off the connection is enough to crash the router. Locks up > solid. > > I also found a solution, by doing a > > set web remote ipaddress > > where ipaddress is one of their internal IP's you can prevent outside > addresses from being able to crash the router. > > Just a heads up guys, if you are seeing 678's crashing, give it a try, it's > working here. > > Geo. > > > > Has anyone tried to replicate this on other Cisco's at all? I ask because I guess it's entirely likely that chunks of IOS code are the same for other routers. Lee -- Lee Brotherston - <leeat_private> http://www.nerds.org.uk
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 07:46:29 PDT