Advisory - tunneling of IP at exchange points.
Dave Van Allen
dave at fast.net
Wed Nov 26 13:20:03 UTC 1997
Thanks Paul, wonderful job. Side-note (taken from the exploit write-up
>// Adding "log-input" to the end of each access-list line will log
>// the hardware address of the sender for good measure. IOS 11.1
>// and upwards only (from memory)
We find log-input to very unreliable and often producing wrong
information. It indeed operates differently across the 11.1 train (no
comment on 11.2 offered) I think 11.1.15 breaks it badly. Albeit
improperly worded and not well defined in print on CCO, please reference
cisco BUGid CSCdj40503 prior to trusting log-input for any valid info.
David Van Allen - FASTNET(tm) / You Tools Corporation
dave at fast.net (888)321-FAST(3278) http://www.fast.net
FASTNET - Business and Personal Internet Solutions
> -----Original Message-----
> From: Paul Thornton [SMTP:prt at linx.net]
> Sent: Tuesday, November 25, 1997 9:47 AM
> To: nanog at merit.edu
> Cc: eof at ripe.net; se-gix at sunet.se; mae-east-tech at uu.net;
> membership at linx.net; ops at linx.net
> Subject: Advisory - tunneling of IP at exchange points.
> -- PLEASE NOTE: If you are replying to this, consider pruning the list
> -- of cc's rather than crossposting replies wildly!
> The LINX and several of its members have recently had to take action
> against an ISP that was using GRE tunneling between exchange points
> to appropriate the capacity of other ISPs.
> Keith Mitchell
> London InterNet Exchange keith at linx.org
> Geneva House, 3 Park Road
> Peterborough PE1 2UX
> United Kingdom
> Phone: +44 1733 705000 (fax 353929)
> Paul Thornton, Network Engineer, London Internet Exchange Ltd.
> Tel: 07000 783797 Mobile: +44 467 372205
More information about the NANOG