[lug] Code Red woes again.... 675 upgrade became necessary

[Ferdinand Schmid]

Nate Duehr wrote:
> 
> I saw something about the 67X series of routers being vulnerable to
> certain types of port 80 traffic.  One way to get away from the problem
> (and probably a good idea anyway) is to turn off the internal web server
> on these routers.  I saw step-by-step instructions on how to do so
> somewhere in e-mail this week, but can't remember where.  Of course,
> from that point on you need minicom or similar on a serial port to
> access the router to make any changes needed.
> 
> It would seem from what I was reading that the Code Red thing will crash
> Cisco 67X routers with their web servers turned on...
<snip>

You can't fully turn the web interface off.  You can disable it - and
then it doesn't let you administer the router through the web
interface.  But it still listens to incoming port 80 requests.  That's
at least what one of my friend's router does.  The only way to minimize
the problem is to only allow port 80 requests from your own IP and deny
all other packets.

Ferdinand

-- 
Ferdinand Schmid
http://www.archenergy.com
303-444-4149 x231