Bugtraq mailing list archives
Re: Cisco 675 Denial of Service Attack
From: Popsite <calvin () LAKEWOODPRES ORG>
Date: Sat, 2 Dec 2000 17:20:08 -0800
I suspect that Chuck is a longstanding Q/USWest DSL customer, and according underestimates the severity of the impact on Qwest.net. Qwest (then USWest) has been delivering DSL for about 2.5 years now. I was the first customer in my CO to get hooked up. I had the original Netspeed in bridge mode. Soon after that Cisco bought out Netspeed and started shipping the units with a Cisco 675 nameplate, but otherwise untouched internally (open up a Rev 1.4 model and see the Netspeed ASIC). Then came the Rev 2.X models, which is the vast majority of the current installed base, since Q/USWest shipped the 2.0 models out as free replacements to all existing customers, and mine was still used in bridge mode. A year after the initial installation, I moved and my new installation (with USWest.net) went in as PPP mode. So, for the last 18+ months Q/USWest.net installations have been installed in PPP mode, and Q/USWest has been pushing the PPP mode to all ISP's, though it is not a requirement (yet). I am certain that suggesting that 99% of Q/USWest.net customers are in bridge mode is inaccurate. If anything, 99% are in PPP mode. Mostly only original (first 6-12 months of availability) customers would still be in bridge mode. CRC ----- Original Message ----- From: "poke" <poke () OLY SILVERLINK NET> Sent: Friday, December 01, 2000 12:14 PM Subject: Re: Cisco 675 Denial of Service Attack
QWest DSL (of which I am a customer/user) uses the 675 in bridging mode (in fact that is how it was delivered). AFIK it can be affected by traffic about as much as a dumb hub can. However, you can make it active, give it an IP address etc if you want to use it's NAT or WebAdmin capabilities. Then you are vulnerable... 99% of those QWest customers who use the 675 probably wouldn't have a clue or a reason to change this. -Chuck -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ :"Condense fact from the vapor of nuance"| $s=$ARGV[0];$n='';while($s) : : 25 -> ten.knilrevlis@wkcuhc | {$s=~s/(.$)//;$n=$n.$1;} : : 80 -> ekop/ten.knilrevlis.www//:ptth | print "$n\n"; : ---------------------------------------------------------------------- Organization is the destruction of truth...
Current thread:
- Re: Cisco 675 Denial of Service Attack, (continued)
- Re: Cisco 675 Denial of Service Attack Erik Parker (Dec 02)
- Re: Cisco 675 Denial of Service Attack Kee Hinckley (Dec 05)
- Re: Cisco 675 Denial of Service Attack CDI (Dec 02)
- Re: Cisco 675 Denial of Service Attack Erik Parker (Dec 02)
- Re: Cisco 675 Denial of Service Attack poke (Dec 02)
- Re: Cisco 675 Denial of Service Attack Shane Youhouse (Dec 02)
- Re: Cisco 675 Denial of Service Attack CDI (Dec 05)
- Re: Cisco 675 Denial of Service Attack J Edgar Hoover (Dec 05)
- Message not available
- Re: Cisco 675 Denial of Service Attack Damir Rajnovic (Dec 06)
- Re: Cisco 675 Denial of Service Attack J Edgar Hoover (Dec 07)
- Message not available
- Re: Cisco 675 Denial of Service Attack Damir Rajnovic (Dec 07)