cisco IOS bug/exploit?

Mark Mentovai mark-list at mentovai.com
Mon Aug 20 15:26:20 UTC 2001


Barton F Bruce wrote:
>There is a chance that you have a static for 0.0.0.0 0.0.0.0 to eth0 or
>something like that even though the other end may be the only thing on the
>ethernet. DON'T do that!
>
>The router will arp for every address it needs to get to.
>With codered around, that can be bad.
>
>Use a static default to a real ip address.

Use "no ip proxy-arp" (you should all be doing this anyway).  With proxy ARP
disabled, a default route to an ethernet interface won't work unless
0.0.0.0/0 really is connected at layer 2.

>There is something on CCO about this.

http://www.cisco.com/warp/public/63/ts_codred_worm.shtml

Mark
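
An added example, not part of the original posts: a small audit that scans an IOS-style configuration for the two settings discussed in this thread, a default route pointing at an interface with no next-hop address, and addressed interfaces where "no ip proxy-arp" is absent. The sample configuration is constructed, and the function name `audit` and the issue labels are hypothetical.

```python
import re

# Constructed sample config for illustration (not from the original post).
SAMPLE_CONFIG = """\
interface Ethernet0
 ip address 192.0.2.2 255.255.255.0
!
interface Ethernet1
 ip address 198.51.100.1 255.255.255.0
 no ip proxy-arp
!
ip route 0.0.0.0 0.0.0.0 Ethernet0
ip route 203.0.113.0 255.255.255.0 198.51.100.2
"""

IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}$")
DEFAULT_ROUTE = re.compile(r"ip route 0\.0\.0\.0 0\.0\.0\.0\s+(.+)$")

def audit(config):
    """Return (issue, interface) pairs for the two settings discussed above."""
    findings, ifaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            current = line.split(None, 1)[1]
            ifaces[current] = {"addr": False, "no_proxy": False}
        elif current and raw.startswith(" "):
            state = ifaces[current]
            if line.startswith("ip address "):
                state["addr"] = True
            elif line == "no ip proxy-arp":
                state["no_proxy"] = True
        else:
            current = None
            m = DEFAULT_ROUTE.match(line)
            if m:
                args = m.group(1).split()
                # Flag when the target is an interface name and no next-hop IP follows it.
                has_hop = len(args) > 1 and IPV4.match(args[1])
                if not IPV4.match(args[0]) and not has_hop:
                    findings.append(("default-route-to-interface", args[0]))
    for name, state in ifaces.items():
        # Proxy ARP is on by default; only "no ip proxy-arp" turns it off.
        if state["addr"] and not state["no_proxy"]:
            findings.append(("proxy-arp-enabled", name))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```
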




More information about the NANOG mailing list