Re: Possible Sudden Uptick in ASA DOS?

[Jared Mauch <jared () puck nether net>]

> On Jul 9, 2015, at 5:35 PM, Ricky Beam <jfbeam () gmail com> wrote:
>
> On Thu, 09 Jul 2015 07:27:16 -0400, Jared Mauch <jared () puck nether net> wrote:
> > Really just people not patching their software after warnings more than six months ago:
>
> A lot goes into "updates". Not the least of which is *knowing* about the issue. Then getting the patched code, then 
> lab testing, then regulatory approval(s), then maintenance window(s)…

Not my first rodeo.

Once again, it’s been since October 2014.  If you failed to pay your credit card bill from October 2014 you can’t 
expect it to work either.

> > Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these 
> > vulnerabilities are available.
>
> "Free" if you have a support contract. (the clause 3 "contact TAC" method is all too often a serious pain in the ass.)

I’ve never had issues getting them to open a case for this hardware.  You can either operate responsibly or not.

I wouldn’t be surprised if the situation gets worse.  Either way, upgrade/patch/silo as necessary.

- Jared