Thanks Paul, wonderful job. Side-note (taken from the exploit write-up
// Adding "log-input" to the end of each access-list line will log
// the hardware address of the sender for good measure. IOS 11.1
// and upwards only (from memory)
We find log-input to very unreliable and often producing wrong
information. It indeed operates differently across the 11.1 train (no
comment on 11.2 offered) I think 11.1.15 breaks it badly. Albeit
improperly worded and not well defined in print on CCO, please reference
cisco BUGid CSCdj40503 prior to trusting log-input for any valid info.
From: Paul Thornton [SMTP:firstname.lastname@example.org]
Sent: Tuesday, November 25, 1997 9:47 AM
Cc: email@example.com; firstname.lastname@example.org; email@example.com;
Subject: Advisory - tunneling of IP at exchange points.
-- PLEASE NOTE: If you are replying to this, consider pruning the list
-- of cc's rather than crossposting replies wildly!