Cisco vulnerability and dangerous filtering techniques

• Previous message (by thread): Cisco vulnerability and dangerous filtering techniques
• Next message (by thread): Cisco vulnerability and dangerous filtering techniques
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 22 Jul 2003, Jason Frisvold wrote:
> 
> Not only the "clueless", but how about those of us who deploy older
> routers sometime in the future with legitimate uses?  What happens when
> we "forget" that this bug exists?  Now we have to go through the process
> of adding a "don't forget the IPV4 Cisco Bug" clause to our procedures..
> 
> 

You don't need to add that clause as long as you maintain a set of 
baseline configurations.  If you deploy all routers with the same code, or 
as close to it as possible, then you don't have to remember individual 
security alerts, because as you update the code on your existing routers, 
you should be creating a new baseline that should be installed on all 
newly deployed routers.


allan
- -- 
Allan Liska
allan at allan.org
http://www.allan.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE/HXtTvfQS9KzHT6ARAo+1AJ0WYoveQOYum6Fjqt2BgphxAIw2tACfRRTo
pyJ71GMRlVYpltvuUrWsLLo=
=hFp+
-----END PGP SIGNATURE-----

• Previous message (by thread): Cisco vulnerability and dangerous filtering techniques
• Next message (by thread): Cisco vulnerability and dangerous filtering techniques
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]