I'm hearing similar rumors, and Genuity has a "planned emergency
maintenance" tomorrow morning, and there's some major weirdness with
our AT&T feed over the past half hour.
The rumored vulnerability is IOS, not CatOS and supposedly causes a reload,
not a telnet DoS.
I'm hearing similar rumors, and Genuity has a "planned emergency
maintenance" tomorrow morning, and there's some major weirdness with
our AT&T feed over the past half hour.
This might explain the (very!) high number of maintenance alerts from
QWest this week, as well....
> I'm hearing similar rumors, and Genuity has a "planned emergency
> maintenance" tomorrow morning, and there's some major weirdness with
> our AT&T feed over the past half hour.
This might explain the (very!) high number of maintenance alerts from
QWest this week, as well....
Sprint, L3 and Cogent also announced a series of emergency maintenances.
> This might explain the (very!) high number of maintenance alerts from
> QWest this week, as well....
>
Sprint, L3 and Cogent also announced a series of emergency maintenances.
Ok, fine, don't tell the rest of use what it is, how to detect it, or how
to defend against it. We in the university space will just do nothing because
we have nothing to put into our IDS sensors to watch for/block it out.
Because, you know, we're going to be the sources
And then we'll hear all of the usual flak about how universities are
unprepared to handle security problems...
I would just like to hear if there is a publicly available fix yet.
If the backbone carriers have already scheduled their work, then they
likely have a fix in hand. If the fix isn't available, then a rough
schedule would be good so we can plan.
I'd like to understand the vulnerability, but I'd certainly be okay with
cisco saying "psst. put this version of IOS on your boxes. don't ask us
why just yet. we'll explain more later."
Or, maybe they WANT *our* routers to kick over so that we can't source the
attack...