Re: Code red II crashes cisco 678

From: leE (leeat_private)
Date: Mon Aug 06 2001 - 02:19:19 PDT

Next message: X: "Re: slackware permissions"

Previous message: Geo.: "Code red II crashes cisco 678"
In reply to: Geo.: "Code red II crashes cisco 678"
Next in thread: leE: "Re: Code red II crashes cisco 678"
Next in thread: JAX: "Re: Code red II crashes cisco 678"
Reply: leE: "Re: Code red II crashes cisco 678"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 5 Aug 2001, Geo. wrote:

> All day I've had customers calling with cisco 678 routers running cbos 2.4.2
> with the web interface disabled. Seems their routers have been crashing.
> 
> We traced this back to the code red worm. For some reason even with web
> disabled on these routers port 80 remains open. Simply running a port scan
> and cutting off the connection is enough to crash the router. Locks up
> solid.
> 
> I also found a solution, by doing a
> 
> set web remote ipaddress
> 
> where ipaddress is one of their internal IP's you can prevent outside
> addresses from being able to crash the router.
> 
> Just a heads up guys, if you are seeing 678's crashing, give it a try, it's
> working here.
> 
> Geo.
> 
> 
> 
> 

Has anyone tried to replicate this on other Cisco's at all?  I ask because
I guess it's entirely likely that chunks of IOS code are the same for
other routers.

 Lee

-- 
Lee Brotherston - <leeat_private>
http://www.nerds.org.uk

Next message: X: "Re: slackware permissions"
Previous message: Geo.: "Code red II crashes cisco 678"
In reply to: Geo.: "Code red II crashes cisco 678"
Next in thread: leE: "Re: Code red II crashes cisco 678"
Next in thread: JAX: "Re: Code red II crashes cisco 678"
Reply: leE: "Re: Code red II crashes cisco 678"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 07:46:29 PDT