As I understand it, excuse me if I am wrong, but this bug is focused on the ability of newer routers to be managed via http, not so much to deny port 80 traffic. There is a means, by using a particular string, to gain admin level privileges on the affected router. It has been said that using TACACS will resolve this problem, as well as the 'no ip http server' command. Also this bug affects IOS version 11.1 and above...so for all those using old IOS (I am guilty also)...smile you're delay in upgrading has been worthwhile..!! -----Original Message----- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Monday, July 16, 2001 12:00 PM To: [EMAIL PROTECTED] Subject: RE: Alert: HTTP bug makes nearly all Cisco routers vulnerable [7:12493] I remain curious about this. filtering http access sources from untrusted interfaces and destined for router interfaces does not work? I'll have to try this in the lab access-list 101 deny tcp untrusted_network router_interface eq 80 access-list 101 permit ip any any Chuck -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Liang Mark J Civ AFRL/PROI Sent: Monday, July 16, 2001 8:39 AM To: [EMAIL PROTECTED] Subject: RE: Alert: HTTP bug makes nearly all Cisco routers vulnerable [7:12489] You could always disable HTTP service on you routers. mark -----Original Message----- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Monday, July 16, 2001 8:29 AM To: [EMAIL PROTECTED] Subject: Re: Alert: HTTP bug makes nearly all Cisco routers vulnerable [7:12487] This Cisco bug will BITE only if you use local account. If you use TACACS for Authentication, Authorization and Accounting (AAA), then you do NOT to have to worry about this bug. I've been trying to test it in the lab without success because I use TACACS. If anyone think I am wrong, please contact me and straight me out. Sean >From: "cisco skin" >Reply-To: "cisco skin" >To: [EMAIL PROTECTED] >Subject: Re: Alert: HTTP bug makes nearly all Cisco routers vulnerable [7:12478] >Date: Mon, 16 Jul 2001 10:37:54 -0400 > >Check your MSFC's!!! > > >""Oke Oyebanji"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi Everybody, > > > > This was a released from TechRepublic on Cisco routers vulnerablity early > > this morning, please do check it out and take necessary precaution. For > > details check: > > > > http://www.techrepublic.com/article.jhtml?id=r00220010716mco02.htm > > > > Have a nice day. > > > > Kind regards, > > Banji. > > > > > > _________________________________________________________________________ > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > > > [GroupStudy.com removed an attachment of type application/msword which had >a > > name of Cisco Routers Bugs.doc] misconduct and Nondisclosure violations to [EMAIL PROTECTED] ------------------------------------------------------------------------ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12505&t=12505 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
