[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Should nmap cause a DoS on cisco routers?
- To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Should nmap cause a DoS on cisco routers?
- From: "Dobbins, Roland" <rdobbins@xxxxxxxxx>
- Date: Fri, 2 Jul 2010 01:30:37 +0000
On Jul 2, 2010, at 8:13 AM, Lee wrote:
> so presumably the scan came from a network that had full access to the
> routers.
One question is whether or not the network in question *should* have full
access to the management plane of the routers.
;>
> That's a bit harder to defend against.
Sure, but also note that CoPP, HWRL, and the like can help, depending upon the
platform.
Don't get me wrong; this should be investigated further, and PSIRT are on it.
My point is that folks don't need to go into panic mode, but should educate
themselves as to how to defend their network infrastructure against attack and
then deploy the relevant BCPs.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@xxxxxxxxx> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/