RE: [Full-Disclosure] Re: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover

tcleary2_at_csc.com.au
Date: 07/25/03

  • Next message: morning_wood: "Re: [Full-Disclosure] morning_wood should stop posting xss"
    To: lee.e.rian@census.gov
    Date: Fri, 25 Jul 2003 10:36:19 +0800
    
    

    Guys,

    >So... has anyone been able to verify that the problem occurs when the TTL
    >expires without the packet being addressed to the router? Or is it a
    >requirement that the evil packet be addressed to the router?

    As far as we know, the TTL has to go to 1/0 on the target IP address.

    Haven't been able to get the effect on a transit packet.

    Regards,

    tom.
    __________________________________________________
    Security Consultant/Analyst
    CSC
    Ph: +61 8 9429 6478 Email: tcleary2@csc.com.au
    ----------------------------------------------------------------------------------------
    This email, including any attachments, is intended only for use by the
    addressee(s) and may contain confidential and/or personal information and
    may also be the subject of legal privilege. Any personal information
    contained in this email is not to be used or disclosed for any purpose
    other than the purpose for which you have received it. If you are not the
    intended recipient, you must not disclose or use the information contained
    in it. In this case, please let me know by return email, delete the
    message permanently from your system and destroy any copies.
    ----------------------------------------------------------------------------------------

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: morning_wood: "Re: [Full-Disclosure] morning_wood should stop posting xss"

    Relevant Pages

    • Re: UPNP/SSDP
      ... otherwise it's just a glorified packet filter with a set of rules. ... neither a NAT nor a router are referred to as packet filters. ... a NAT router for broadband internet does not do this, ... router to route traffic b/w two or more private networks and the internet. ...
      (microsoft.public.windowsxp.general)
    • Re: Nmap questions concering my router
      ... has only one interface, ... as having a chunk of space in the computer much like a hotel room. ... >is) directly connected to my router, which i dont set up a NAT yet. ... Which IP address is the packet addressed to? ...
      (comp.security.firewalls)
    • Re: IIS5 Passive FTP Networking problem (long)
      ... or do away with the router entirely (and the hardware based ... > had the ability to run an FTP server behind it without changing the IP ... The NAT changes the PASV response ... translate the address fields of a packet. ...
      (microsoft.public.inetserver.iis.security)
    • Re: MSS on router, why?
      ... The proper way to describe the ICMP packet which is supposed to be ... returned by a router which cannot forward the IP packet which is too ... Because ICMP was defined before Path MTU Discovery (1981 and 1990 ... fragmentation and try to use path MTU discovery, ...
      (comp.dcom.sys.cisco)
    • Re: Nmap questions concering my router
      ... Ah, but the packet is being sent to an application running on the router, ... not the web server on your LAN. ... we separate LAN from LAN as well as ...
      (comp.security.firewalls)