We're running several six 65xx Sup720-3BXL with 3 full transit views and
some 40-odd peers. We use two NPE-G1s for reflectors and some policy
manipulation. Also running MPLS in the core to allow for traffic
engineering and EoMPLS between certain services located in different
locations.
We're
through SIP and hopefully
exploit if attached to PRI's or PSTN for toll fraud.
I really do learn something new everyday, some smart deviant people out there.
On Fri, Apr 10, 2009 at 3:45 AM, Leland E. Vandervort
lel...@taranta.discpro.org wrote:
Hi All,
Over the past couple of days we
Hi All,
Over the past couple of days we have been seeing an exponential increase
(about 200-fold)
in the amount of UDP SIP Control traffic in our netflow data. The past 24
hours, for example, has shown a total of nearly 300 GB of this traffic
incoming and over 400 GB outgoing -- this despite
making life fun for the rest of us ;)
Thanks
Leland
On Fri, 10 Apr 2009, Roland Dobbins wrote:
On Apr 10, 2009, at 4:45 PM, Leland E. Vandervort wrote:
UDP SIP Control traffic in our netflow data.
Have you grabbed some packets in order to ensure it's actually SIP,
vs. something else
On Fri, 10 Apr 2009, Roland Dobbins wrote:
IANAL, but I suggest you check again with your legal department - I
doubt this is actually the case (your jurisdiction may vary, but in
most Western nations, you can grab packets for diagnostic/
troubleshooting/forensics purposes).
Already did
On Tue, 17 Feb 2009, Mike Lewinski wrote:
German Martinez wrote:
bgp max-as will NOT protect you from this exploit (but if you are not
vulnerable it should prevent you from propogating it).
I can confirm this statement...
(unfortunately)
L.
bgp maxas-limit has a default value of 75 if you don't include it
explicitly in the config so in this case it wouldn't have made much of a
difference.
L.
On Mon, 16 Feb 2009, Jon Lewis wrote:
On Mon, 16 Feb 2009, John van Oppen wrote:
Yep we saw the same, every customer with old IOS had
, and our maxas-limit settings did trigger and reject these.
On Mon, 16 Feb 2009, Leland E. Vandervort wrote:
bgp maxas-limit has a default value of 75 if you don't include it
explicitly in the config so in this case it wouldn't have made much of a
difference.
L.
On Mon, 16 Feb 2009
8 matches
Mail list logo
