The culprit was damaged (or bad) copper pair leading to our site. It took a
couple of hours for the local line company to fix. Thankfully, we're back up
and running and Nimda was not to blame.
I appreciate everyone's input :o)
Regards,
Sean Martin, MCSE
Network Administrator
Ribelin Lowell & Company
Insurance Brokers, Inc.
3111 C Street, Suite 300
Anchorage, Alaska 99503
Ph: (907) 561-1250
Fax: (907) 561-4315
Cell: (907) 229-0885
Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
-----Original Message-----
From: Greg Page [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 4:59 PM
To: NT System Admin Issues
Subject: RE: Cisco Routers vulnerable to Nimda?
Fortunately my CCM and Unity are inward facing and not running external xml
services. Cisco is way behind in their patches.
Greg
-----Original Message-----
From: Kelly Borndale [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 8:38 PM
To: NT System Admin Issues
Subject: Re: Cisco Routers vulnerable to Nimda?
I pulled this from their Code Red Docs:
The following Cisco products are vulnerable because they run affected
versions of Microsoft IIS:
Cisco CallManager
Cisco Unity Server
Cisco uOne
Cisco ICS7750
Cisco Building Broadband Service Manager
IP/VC 3540 Application Server
They have an advisory list that you may want to look into. I don't have the
info here, but I will look for it -just remind me offline ;)
-K
----- Original Message -----
From: "Sean Martin" <[EMAIL PROTECTED]>
To: "NT System Admin Issues" <[EMAIL PROTECTED]>
Sent: Thursday, September 20, 2001 8:22 PM
Subject: RE: Cisco Routers vulnerable to Nimda?
> The IOS version is 11.295P. Apparently we're a few versions back
> (12.2?). This is a managed service so now I'll have to find out why it
> hasn't been updated. So I guess my question is; Is our version
> vulnerable to the code red/nimda worm(s)?
>
> Regards,
>
> Sean Martin, MCSE
> Network Administrator
> Ribelin Lowell & Company
> Insurance Brokers, Inc.
> 3111 C Street, Suite 300
> Anchorage, Alaska 99503
> Ph: (907) 561-1250
> Fax: (907) 561-4315
> Cell: (907) 229-0885
> Email: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
>
>
> -----Original Message-----
> From: Kelly Borndale [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 20, 2001 4:14 PM
> To: NT System Admin Issues
> Subject: Re: Cisco Routers vulnerable to Nimda?
>
>
> Yes, the same Cisco vunerabilities to the Code Red Word exist, if you
> have not updated your router software. What are you running on the
> router, IOS version, etc. ? I wonder if the HP printer vunerability
> is still there as well...?
>
> -K
> ----- Original Message -----
> From: "Sean Martin" <[EMAIL PROTECTED]>
> To: "NT System Admin Issues" <[EMAIL PROTECTED]>
> Sent: Thursday, September 20, 2001 7:50 PM
> Subject: Cisco Routers vulnerable to Nimda?
>
>
> > Has anyone heard of any Cisco vulnerabilities to the recent Nimda
> > worm?
> I'm
> > experiencing some weird behavior from my Cisco 1601. The
> > connectivity
> seems
> > to be going up and down, mainly down. At one point during testing
> > with
the
> > ISP, they showed the protocol link being down, but everything else
> > was
> > working(?) I even had our IPsec tunnel established with packets going
both
> > directions, yet none of the users had connectivity through the
> > tunnel or
> out
> > to the internet.
> >
> > T1 circuit -------- Cisco 1601 (E0 interface) --------- Watchguard
> > SOHO
> > ------- HP Switch
> >
> > I'll get into the complete scenario once I determine whether or not
> there's
> > any factors I haven't ruled out.
> >
> > Regards,
> >
> > Sean Martin, MCSE
> > Network Administrator
> > Ribelin Lowell & Company
> > Insurance Brokers, Inc.
> > 3111 C Street, Suite 300
> > Anchorage, Alaska 99503
> > Ph: (907) 561-1250
> > Fax: (907) 561-4315
> > Cell: (907) 229-0885
> > Email: [EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>
> > DO NOT read, copy or disseminate this communication unless you are
> > the intended addressee. This e-mail communication contains
> > confidential
and/or
> > privileged information intended only for the addressee. If you have
> received
> > this communication in error, please call us immediately at (907)
561-1250
> > and ask to speak to the sender of the communication. Also, please
> > e-mail
> the
> > sender and notify the sender immediately that you have received the
> > communication in error.
> >
> > http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
> >
> >
>
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
> DO NOT read, copy or disseminate this communication unless you are the
> intended addressee. This e-mail communication contains confidential
> and/or privileged information intended only for the addressee. If you
> have
received
> this communication in error, please call us immediately at (907)
> 561-1250 and ask to speak to the sender of the communication. Also,
> please e-mail
the
> sender and notify the sender immediately that you have received the
> communication in error.
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
>
>
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
DO NOT read, copy or disseminate this communication unless you are the
intended addressee. This e-mail communication contains confidential and/or
privileged information intended only for the addressee. If you have received
this communication in error, please call us immediately at (907) 561-1250
and ask to speak to the sender of the communication. Also, please e-mail the
sender and notify the sender immediately that you have received the
communication in error.
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
