[lug] Possible DOS on CIsco 675

Zichary O`Tea zirotea at cyberspace.org
Fri Jul 20 08:56:08 MDT 2001


Another reason to use F.I.S.H.

http://FISH.baseteninc.com/

On Fri, 20 Jul 2001, Harris, James wrote:

> Not sure if you're all aware, but this is probably related to the "Code Red
> Worm" that is infecting IIS servers all over the internet.  (This is a very
> big bad worm.)  Once a server has been infected, it starts DOSsing random
> IPs.  We've received reports from various security sources stating that the
> Cisco's seem to be vulnerable to this particular type of DOS.  (Go Windows
> NT and 2000!!!)  Ugh.  This thread seems to support that rumor.
> 
> More information:
> http://www.cert.org/advisories/CA-2001-19.html
> 
> 
> -----Original Message-----
> From: Chip Atkinson [mailto:catkinson at circadence.com]
> Sent: Thursday, July 19, 2001 13:38
> To: lug at lug.boulder.co.us
> Subject: [lug] Possible DOS on CIsco 675
> 
> 
> Greetings,
> 
> This morning my 675 kept going down and would require a power cycle to 
> restore it.  A little web search indicated that it's possible to kill 
> the 675 through the web interface.  I disabled the web interface and the 
> 675 hasn't gone down since.  I suspect that the 675 was being DOSed. 
> Here's a link to the page I found:
> http://security-archive.merton.ox.ac.uk/bugtraq-200011/0393.html
> 
> Chip
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> 




More information about the LUG mailing list