[NCLUG] Cisco/CodeRed fix?
Mark Fassler
fassler at monkeysoft.net
Tue Aug 7 14:16:25 MDT 2001
Our Cisco 675 has been up for over 14 hours using basically that approach.
Personally, I prefer the "set web remote" over the "set web port" option
if I was going to do just one: If you just change the port number then
conceivably some jerk can still come along and crash your router, but if
you restrict the IP address, they have to hack into the machine with that
IP address (very improbable if you set it to, say 10.0.0.1 and you're not
connected to a 10.* network.).
The real fix is, of course, for Cisco to release a CBOS that, when you
tell it to disable something, it *actually* frickin' gets disabled
(including the telnet and tftp servers - who knows what possible exploits
those have...).
--
Mark Fassler
fassler at monkeysoft.net
On Tue, Aug 07, 2001 at 01:35:44PM -0600, thorson at aster.com wrote:
>
> nclug'ers,
>
> The Cisco678 DSL router has been up for about 4 hours now. I think
> it is possibly fixed. Here is it's current state:
>
> set web disable
> set web remote 10.0.0.1 (probably not needed for fix)
> set web port 81
> write
> reboot
>
> It's looking good. I'll let you'all know if this doesn't fix everything.
> Thanks for all the help.
>
> Bill
>
>
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
More information about the NCLUG
mailing list