RE: Cisco Workaround

["Jofre, Sebastian" <Tian () prima com ar>]

Ports :

http://www.seifried.org/security/ports/


Regards.

-----Original Message-----
From: Wolfpaw - Dale Corse [mailto:admin-lists () wolfpaw net] 
Sent: Thursday, July 24, 2003 1:03 AM
To: DOUGLAS GULLETT; Alvaro Gordon-Escobar
Cc: firewalls () securityfocus com; security-basics () securityfocus com
Subject: RE: Cisco Workaround


Be aware - the hack is a Denial of Service attack, and it can be
accomplished with ANY ONE of these protocols, there is no special
combination required. Call Cisco TAC and they will give you updated
software for your device, which voids the need for the ACL.

Regards,
D.
--------------------------------
Dale Corse
System Administrator
Wolfpaw Services Inc.
http://www.wolfpaw.net
(780) 474-4095

> -----Original Message-----
> From: DOUGLAS GULLETT [mailto:dougg03 () comcast net]
> Sent: Wednesday, July 23, 2003 1:16 PM
> To: Alvaro Gordon-Escobar
> Cc: firewalls () securityfocus com; security-basics () securityfocus com
> Subject: Re: Cisco Workaround
>
>
> I don't think you have to put all the access-list in.  I believe that
> the hack requires a certain combination of packets to the
> four ports,
> so leaving one or two of them open should still prevent the
> hack.  That
> might be a good question for Cisco TAC...they should be
> willing to help
> even if you "misplaced" your SmartNet contract information.  ;-)
>
> Doug
>
>
>
> ----- Original Message -----
> From: Alvaro Gordon-Escobar <alvaroge () molecularstaging com>
> Date: Wednesday, July 23, 2003 10:15 am
> Subject: Cisco Workaround
>
> > will this access list modification prevent my internal DNS server 
> > from updates to it self from my telco's DNS server?
> >
> > access-list 101 deny 53 any any
> > access-list 101 deny 55 any any
> > access-list 101 deny 77 any any
> > access-list 101 deny 103 any any
> > !--- insert any other previously applied ACL entries here
> > !--- you must permit other protocols through to allow normal
> > !--- traffic -- previously defined permit lists will work
> > !--- or you may use the permit ip any any shown here access-list 101

> > permit ip any any
> >
> > Thanks in advance
> >
> > ~alvaro Escobar
> -------------------------------------------------------------------
> > --------
> -------------------------------------------------------------------
> > ---------



------------------------------------------------------------------------
---
------------------------------------------------------------------------
----



________________________________________
ESTE MENSAJE ELECTRONICO ESTA DIRIGIDO SOLAMENTE A LA PERSONA O ENTIDAD MENCIONADA EN LA DIRECCION A LA CUAL FUE 
ENVIADO. PUEDE CONTENER INFORMACION CONFIDENCIAL Y LEGALMENTE PROTEGIDA DE PRIMA S.A. O DE CLARIN GLOBAL S.A.. ESTA 
PROHIBIDA LA REVISION, DIVULGACION, DISTRIBUCION, PUBLICACION, IMPRESION, COPIA O ACCION EN RELACION CON ESTA 
INFORMACION, POR PERSONAS O ENTIDADES DISTINTAS AL DESTINATARIO.
SI USTED RECIBIO POR ERROR ESTE MENSAJE LE ROGAMOS REENVIARLO AL EMISOR Y DESTRUIR LAS COPIAS IMPRESAS O GRABADAS EN SU 
SISTEMA.

PRIMA S.A. - CLARIN GLOBAL S.A.



---------------------------------------------------------------------------
----------------------------------------------------------------------------