I really thought that more Cisco devices were deployed among NANOG.
I guess that these devices are not used anymore or maybe that I
understood wrong the severity of this CVE.
A proper network design helps to mitigate flaws like this. If you have CDP off, which many people do, then this exploit is not that big of a deal to you. If your devices are on a management network then it’s not that big of a deal. Just because a certain vendor has vulnerabilities exposed doesn’t it’s an all hand on deck scenario. Many of the folks on NANOG have a good grasp of network design. Sure, some don’t. But for the most part they do.
Justin Wilson
lists@mtin.net