Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19

Rob Thomas robt at cymru.com
Fri Jan 21 01:30:32 UTC 2005


Hi, NANOGers.

Will makes an excellent point here:

] I beg to differ -  3/4 of the Cisco routers in (enterprise) production are
] *unmaintained*. These will have a variety of vulnerable, buggy or just plain
] crap IOS versions and no-one would've even considered upgrading for years.

While I don't have any numbers, I can say that we see a LOT of
routers overtly compromised and modified as a result.  The
modifications are generally scripted, and include changing the
passwords (to anything but "cisco"), disabling logging, and
adding filters.  You'd think such things would be rather
obvious, and they are, yet no one notices.

Most of these compromised routers are at the end of FR or
frac-T connections.  I suspect a great many of them were
configured once, then left to rot with the same code and
configuration for years and years.

Thanks,
Rob.
-- 
Rob Thomas
http://www.cymru.com
Shaving with Occam's razor since 1999.




More information about the NANOG mailing list