[NCLUG] Re: Not Code Red (another Code Red topic)
John L. Bass
jbass at dmsd.com
Tue Aug 7 01:09:57 MDT 2001
Let me add the obvious here, since it hasn't been stated here yet.
If Code Red can crash a cable modem, then that means there is a possible
exploit if properly constructed. It's just a matter of time before
the hackers can breach your "firewall" router that NAT's to protect
your internal machines.
John Bass
Date: Mon, 6 Aug 2001 23:37:24 -0600
From: Quent <quent at pobox.com>
To: nclug at nclug.org
Subject: Re: [NCLUG] Re: Not Code Red (another Code Red topic)
I've learned a few good things from this thread :-)
* I'm glad to be still using bridging only mode!
* I hope my DSL "modem" never dies because it sounds like
qwest will be useless.
* It's good that I never followed up on my desire to
upgrade cbos.
Setting the web remote ipaddress sounds like a winner to me.
Quent
On Mon, Aug 06, 2001 at 11:23:38PM -0600, Mark Fassler wrote:
> When Code Red came out, our DSL router would go down about once a day.
> Over the weekend this has increased to about once every 30 minutes or so.
> I've tried four different Cisco 675s. I've tried CBOS 2.0, 2.2, and
> 2.4.1. It seems that 2.4.1 doesn't fix the Code Red vulnerability, nor
> does Cisco's suggestion of disabling the web interface.
More information about the NCLUG
mailing list