Security Basics mailing list archives
Re: Cisco Workaround
From: DOUGLAS GULLETT <dougg03 () comcast net>
Date: Wed, 23 Jul 2003 15:16:28 -0400
I don't think you have to put all the access-list in. I believe that the hack requires a certain combination of packets to the four ports, so leaving one or two of them open should still prevent the hack. That might be a good question for Cisco TAC...they should be willing to help even if you "misplaced" your SmartNet contract information. ;-) Doug ----- Original Message ----- From: Alvaro Gordon-Escobar <alvaroge () molecularstaging com> Date: Wednesday, July 23, 2003 10:15 am Subject: Cisco Workaround
will this access list modification prevent my internal DNS server from updates to it self from my telco's DNS server? access-list 101 deny 53 any any access-list 101 deny 55 any any access-list 101 deny 77 any any access-list 101 deny 103 any any !--- insert any other previously applied ACL entries here !--- you must permit other protocols through to allow normal !--- traffic -- previously defined permit lists will work !--- or you may use the permit ip any any shown here access-list 101 permit ip any any Thanks in advance ~alvaro Escobar ------------------------------------------------------------------- -------- ------------------------------------------------------------------- ---------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Cisco Workaround jamesworld (Jul 23)
- RE: Cisco Workaround Ghaith Nasrawi (Jul 25)
- RE: Cisco Workaround (comment on actually using those protocols) jamesworld (Jul 28)
- RE: Cisco Workaround David Gillett (Jul 28)
- <Possible follow-ups>
- RE: Cisco Workaround Naman Latif (Jul 23)
- RE: Cisco Workaround Todd Mitchell - lists (Jul 23)
- RE: Cisco Workaround Charlie Winckless (Jul 23)
- Re: Cisco Workaround DOUGLAS GULLETT (Jul 23)
- RE: Cisco Workaround Terry Baranski (Jul 24)
- Re: Cisco Workaround Paul Kincaid (Jul 24)
- RE: Cisco Workaround Dave Gilmore (Intrusense) (Jul 24)
- Re: Cisco Workaround Kurt Seifried (Jul 24)
- RE: Cisco Workaround David Gillett (Jul 24)
- RE: Cisco Workaround Wolfpaw - Dale Corse (Jul 24)
- RE: Cisco Workaround Byrne Ghavalas (Jul 24)
- Re: Cisco Workaround john (Jul 24)
- Re: Cisco Workaround joshua sahala (Jul 24)
- Re: Cisco Workaround Jac (Jul 24)
(Thread continues...)
- RE: Cisco Workaround Ghaith Nasrawi (Jul 25)