Seems that the problem also occurs on Cisco 675 even if the web interface is dissabled.. the way I fixes this was to deny all trafic DIRECTLY to the routers IP and wan0-0 interface this still allows the boxes behind the router to be accessable from the internet (for instance if you have a web server etc..) but the code red will not crash the router any more. I was told that all I needed to do was dissable the web interface on the router and i was fine in my case that seemed to be incorrect.. -------------- Brian Carpio CSG Systems Inc. Open Systems Unix System Admin x3317 -------------- --- Security is a Process NOT a Product ---- On Mon, 6 Aug 2001, Blue Boar wrote: > We've got reported crashes for Cisco DSL router, HP JetDirect > print servers, Xylan Omniswitch, and 3com CoreBuilder 3500, all from > Code Red(s). > > Note to Code Red authors: Umm... that's some impressive random noise > web server testing there guys... > > Anyway, has anyone explored whether these crashes are exploitable > beyond DoS? > > BB >
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 12:45:16 PDT