[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: impact of recent cisco vulnerability

To: Patrik Fältström <paf@cisco.com>
Subject: Re: impact of recent cisco vulnerability
From: itojun@iijlab.net
Date: Mon, 21 Jul 2003 15:57:45 +0900
Cc: iab@ietf.org, iesg@ietf.org
In-reply-to: paf's message of Mon, 21 Jul 2003 08:41:37 +0200. <60D4DA08-BB46-11D7-84A0-000A959CF516@cisco.com>

>> 	because of recent cisco vulnerability, many ISPs installed filters
>> 	that would drop mobile-ip4 (ip protocol type 55), both inbound and
>> 	outbound at EBGP routers, as a countermeasure until they upgrade all
>> 	of the cisco routers they have.  it would seriously impact the
>> 	deployment/use of mobile-ip4.
>Weird. The problem is, as far as I understand, only traffic _to_ the=20
>router, not _through_.

	they are installing:
	- inbound filter at EBGP routers to protect cisco equipments within
	  the ISP (until they upgrade all cisco equipments within the ISP,
	  or install filter on all cisco equipments within the ISP)
	- outbound filter at EBGP routers to avoid sending attack packet
	  to other ISPs

itojun

References:
- Re: impact of recent cisco vulnerability
  - From: Patrik Fältström <paf@cisco.com>

Prev by Date: Re: impact of recent cisco vulnerability
Next by Date: Re: impact of recent cisco vulnerability
Previous by thread: Re: impact of recent cisco vulnerability
Next by thread: Re: impact of recent cisco vulnerability
Index(es):
- Date
- Thread