Just an FYI - Apache Worm on the loose
Robert Boyle
robert at tellurian.com
Thu Jul 11 04:35:07 UTC 2002
At 06:42 PM 7/10/2002 -0400, Phil Rosenthal wrote:
>If you want to be really proactive... Just filter out port 80, and then
>you can't get hacked...
That's simply not true! The command below will make your IP based network
completely secure from outside attack. You need to issue this command on
all IOS based routers. Start at the edges and work your way into the core
to which you must be connected via some out of band method preferably a
modem connected to the console port.
core# conf t
core(config)# no ip routing
This will secure your network against this Apache worm for sure!
Robert
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com | 888-TELLURIAN | 973-300-9211
"Good will, like a good name, is got by many actions, and lost by one." -
Francis Jeffrey
More information about the NANOG
mailing list