Operational Impact of CA-2002-03 ?

Jared Mauch jared at puck.Nether.net
Thu Feb 14 14:48:47 UTC 2002


	I've been watching the acls on various routers on our (my employer)
network as well as on my home network.

	I've only seen one host attempt to send any sort
of snmp "goodies" to my network:

Feb 14 05:57:55.239 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.252.53(161), 1 packet
Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.253.53(161), 1 packet
Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.254.53(161), 1 packet
Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.255.53(161), 1 packet

	Obviously I don't speak for the entire internet but
i'm not seeing anything that interesting to take note of (imho)
currently.

	- Jared

On Thu, Feb 14, 2002 at 02:00:44AM -0500, Frank B. Scalzo wrote:
> 
> 
> Has anyone seen any discernable operational impact from CA-2002-03? Things
> like: increase in SNMP probes, increase in bgp churn due to outside networks
> being affected, customer complaints, increase in number of customer flaps,
> anyone willing to admit to being directly impacted, anyone willing to admit
> surviving an attempt, does anyone have any evidence of an actual exploit,
> any evidence that people wearing the wrong color hats are using this or
> trying to?
> 
> Frank Scalzo

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.



More information about the NANOG mailing list