Security Basics mailing list archives
RE: Cisco Workaround
From: "Jofre, Sebastian" <Tian () prima com ar>
Date: Thu, 24 Jul 2003 14:18:34 -0300
Ports : http://www.seifried.org/security/ports/ Regards. -----Original Message----- From: Wolfpaw - Dale Corse [mailto:admin-lists () wolfpaw net] Sent: Thursday, July 24, 2003 1:03 AM To: DOUGLAS GULLETT; Alvaro Gordon-Escobar Cc: firewalls () securityfocus com; security-basics () securityfocus com Subject: RE: Cisco Workaround Be aware - the hack is a Denial of Service attack, and it can be accomplished with ANY ONE of these protocols, there is no special combination required. Call Cisco TAC and they will give you updated software for your device, which voids the need for the ACL. Regards, D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095
-----Original Message----- From: DOUGLAS GULLETT [mailto:dougg03 () comcast net] Sent: Wednesday, July 23, 2003 1:16 PM To: Alvaro Gordon-Escobar Cc: firewalls () securityfocus com; security-basics () securityfocus com Subject: Re: Cisco Workaround I don't think you have to put all the access-list in. I believe that the hack requires a certain combination of packets to the four ports, so leaving one or two of them open should still prevent the hack. That might be a good question for Cisco TAC...they should be willing to help even if you "misplaced" your SmartNet contract information. ;-) Doug ----- Original Message ----- From: Alvaro Gordon-Escobar <alvaroge () molecularstaging com> Date: Wednesday, July 23, 2003 10:15 am Subject: Cisco Workaroundwill this access list modification prevent my internal DNS server from updates to it self from my telco's DNS server? access-list 101 deny 53 any any access-list 101 deny 55 any any access-list 101 deny 77 any any access-list 101 deny 103 any any !--- insert any other previously applied ACL entries here !--- you must permit other protocols through to allow normal !--- traffic -- previously defined permit lists will work !--- or you may use the permit ip any any shown here access-list 101
permit ip any any Thanks in advance ~alvaro Escobar-------------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- ________________________________________ ESTE MENSAJE ELECTRONICO ESTA DIRIGIDO SOLAMENTE A LA PERSONA O ENTIDAD MENCIONADA EN LA DIRECCION A LA CUAL FUE ENVIADO. PUEDE CONTENER INFORMACION CONFIDENCIAL Y LEGALMENTE PROTEGIDA DE PRIMA S.A. O DE CLARIN GLOBAL S.A.. ESTA PROHIBIDA LA REVISION, DIVULGACION, DISTRIBUCION, PUBLICACION, IMPRESION, COPIA O ACCION EN RELACION CON ESTA INFORMACION, POR PERSONAS O ENTIDADES DISTINTAS AL DESTINATARIO. SI USTED RECIBIO POR ERROR ESTE MENSAJE LE ROGAMOS REENVIARLO AL EMISOR Y DESTRUIR LAS COPIAS IMPRESAS O GRABADAS EN SU SISTEMA. PRIMA S.A. - CLARIN GLOBAL S.A. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Cisco Workaround, (continued)
- RE: Cisco Workaround Wolfpaw - Dale Corse (Jul 24)
- RE: Cisco Workaround Byrne Ghavalas (Jul 24)
- Re: Cisco Workaround john (Jul 24)
- Re: Cisco Workaround joshua sahala (Jul 24)
- Re: Cisco Workaround Jac (Jul 24)
- Re: Cisco Workaround Luis Enrique Londono (Jul 23)
- Re: Cisco Workaround bryan_khoo (Jul 24)
- RE: Cisco Workaround dave kleiman (Jul 24)
- Re: Cisco Workaround igenge2 (Jul 24)
- Re: Cisco Workaround Stephane Nasdrovisky (Jul 24)
- RE: Cisco Workaround Jofre, Sebastian (Jul 24)
- RE: Cisco Workaround Tim Donahue (Jul 28)
- RE: Cisco Workaround Ghaith Nasrawi (Jul 28)
- RE: Cisco Workaround Noonan, Wesley (Jul 28)
- RE: Cisco Workaround Martin, Olivier (Jul 28)
- Re: Cisco Workaround joshua sahala (Jul 28)
- RE: Cisco Workaround Ghaith Nasrawi (Jul 29)
- Re: Cisco Workaround stephane nasdrovisky (Jul 29)
- Re: Cisco Workaround Jac (Jul 30)
- RE: Cisco Workaround Todd Mitchell - lists (Jul 30)
- Re: Cisco Workaround James Fields (Jul 30)
- Re: Cisco Workaround stephane nasdrovisky (Jul 29)