One XP machine also took out about half of AMD's Huston campus about 5
months ago. It does more that just take out segments, It can take out a
whole network !!! The next day AMD circulated a memo that anyone connecting
an XP machine to the network would receive disciplinary action !!!!
Wooops !!
Tony
(Sill working at 4am PST)
----- Original Message -----
From: "Charlie Hartwell"
To:
Sent: Wednesday, August 22, 2001 3:34 AM
Subject: RE: HELP!! The Cisco Code & Windows XP [7:16604]
> I might be repeating someone else here - I haven't followed the
> thread completely. The vulnerability you are talking about is
> documented in this field notice...
> http://www.cisco.com/warp/public/707/cat5k-8021x-vuln-pub.shtml
>
> You have to be VERY careful when putting XP on your Cisco switched
> LAN, make sure you have new code and/or new SUP's. The 802.1x
> authentication option is also available on Win2k but it is disabled
> by default, on the XP beta it is enabled by default (not sure if the
> final release will be the same). It seems to boil down to STP ports
> in "blocking" mode forwarding the 802.1x packets. It has the
> potential to bring down a segment in double-quick time, just ask
> Xerox, apparently just one curious engineer's PC managed that trick,
> they now have a strict "NO XP!" policy on their network (allegedly).
>
> Regards
>
> Charlie
>
> --- Chuck Larrieu wrote: > I did a little more
> checking on this. there is a known issue with
> > XP clients
> > and Catalyst 5000 switches with EARL 1 and certain software
> > revisions. I may
> > be misunderstanding this completely, but it is an issue with the
> > interaction
> > of the Cat 5K and XP when 802.1x port authentication is enabled.
> > that got me
> > to reading on 802.1x authentication. interesting.
> >
> > Chuck
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
> > Of
> > Brian
> > Sent: Tuesday, August 21, 2001 6:40 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: HELP!! The Cisco Code & Windows XP [7:16604]
> >
> >
> > perhaps boss heard about the mstcp thread...
> >
> > Brian "Sonic" Whalen
> > Success = Preparation + Opportunity
> >
> >
> > On Tue, 21 Aug 2001, Chuck Larrieu wrote:
> >
> > > I'm sure you've had your fair share of smart remarks by now. So I
> > won't
> > add
> > > my own. I will remark that in fairness to your boss, there is
> > probably
> > > something he has heard or read which caused him to look for
> > reassurance.
> > >
> > > for example, is there a concern with VPN compatibility of
> > operation using
> > > Win XP VPN client software? is there a security concern based
> > upon
> > published
> > > writings about the XP TCP stack?
> > >
> > > if the question is "will Cisco routers pass traffic generated by
> > XP
> > > machines?" the answer is "sure. why not" after all, there is
> > nothing in an
> > > IP or a TCP header that indicates the type of host OS that
> > originates the
> > > packet. as long as the traffic is contained in valid packets, the
> > router
> > > will pass process them. knowing that, may I recommend you sit
> > down with
> > the
> > > boss and ask what his concerns are. what has he read? what has he
> > heard?
> > why
> > > would he think there is reason to be concerned? hell, he could be
> > a victim
> > > of MBBW ( Management By Business Week - where the president of
> > the company
> > > saw something in Business Week Magazine over the weekend and on
> > Monday
> > > morning told your boss to investigate and come back with report.
> > ;->
> > >
> > > ( and yes, I know some bosses are "she" )
> > >
> > > Chuck
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> > Behalf Of
> > > Ray Smith
> > > Sent: Monday, August 20, 2001 5:38 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: HELP!! The Cisco Code & Windows XP [7:16604]
> > >
> > >
> > > Guys,
> > >
> > > After my boss delegated me to research all I can about what is
> > need to
> > > upgrade if necessary our Cisco routers and switches to work with
> > Windows-XP,
> > > I was only able to assert from information on the web that there
> > is a bug
> > in
> > > the switch software that is incompatible with XP.
> > >
> > > Does anyone here know of any valuable information that can help
> > me with
> > > compiling an educated assessment of this research? Is anyone out
> > there
> > > knowledgeable of this issue either from personal experience or
> > from
> > > literature? I would really appreciate some feedback.
> > >
> > > The only problems that I have actually heard of thus far is that
> > which
> > > occurred during the beta test that brought down one of Xerox's
> > network. I
> > > understand that there is a patch that is available as a fix, in
> > addition
> > to
> > > the option of upgrading the Switch code. My question is: -
> > >
> > > a). Does the incompatibility only exist with the Switch software
> > or with
> > the
> > > router IOS as
> > > well?
> > >
> > > b). Is the patch the best way of dealing with the problem?
> > >
> > > I appreciate any help that I can get. Thanks
> > >
> > >
> > > _________________________________________________________________
> > > Get your FREE download of MSN Explorer at
> > http://explorer.msn.com/intl.asp
> [EMAIL PROTECTED]
>
> ____________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
> or your free @yahoo.ie address at http://mail.yahoo.ie
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16792&t=16604
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
