[lug] Possible DOS on CIsco 675

Harris, James James_Harris at maxtor.com
Fri Jul 20 08:47:58 MDT 2001


Not sure if you're all aware, but this is probably related to the "Code Red
Worm" that is infecting IIS servers all over the internet.  (This is a very
big bad worm.)  Once a server has been infected, it starts DOSsing random
IPs.  We've received reports from various security sources stating that the
Cisco's seem to be vulnerable to this particular type of DOS.  (Go Windows
NT and 2000!!!)  Ugh.  This thread seems to support that rumor.

More information:
http://www.cert.org/advisories/CA-2001-19.html


-----Original Message-----
From: Chip Atkinson [mailto:catkinson at circadence.com]
Sent: Thursday, July 19, 2001 13:38
To: lug at lug.boulder.co.us
Subject: [lug] Possible DOS on CIsco 675


Greetings,

This morning my 675 kept going down and would require a power cycle to 
restore it.  A little web search indicated that it's possible to kill 
the 675 through the web interface.  I disabled the web interface and the 
675 hasn't gone down since.  I suspect that the 675 was being DOSed. 
Here's a link to the page I found:
http://security-archive.merton.ox.ac.uk/bugtraq-200011/0393.html

Chip

_______________________________________________
Web Page:  http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug



More information about the LUG mailing list