Juniper/Cisco Flaws
DoS vulnerabilities galore...
(old news - 03:04PM Thursday Jan 27 2005)
tags: hardware · security
Barely a week after announcing a vulnerability in its Internetwork Operating System (IOS), Cisco has announced a trio of new DoS vulnerabilities that impact the way IOS handles Multiprotocol Label Switching (MPLS), packet processing, the Border Gateway Protocol, and IPv6. Users in our Security forum note that a Qwest tech has informed Juniper of a serious DoS issue in their router software as well.


wintr

join:2004-10-13
Calgary, AB

Great...

...and I just signed on for my CCNA test on Saturday.

Monster Rain
Premium
join:2002-08-03
USA

Re: Great...

said by wintr:

...and I just signed on for my CCNA test on Saturday.
huh?

bleearg13

join:2001-03-03
Gaithersburg, MD
Can you explain what signing up for your CCNA test has to do with IOS vulnerabilities?

wintr

join:2004-10-13
Calgary, AB

Re: Great...

Just a joke. Not really relevant. Wanted a first post to be honest.
--
546f6f206d616e792073656372657473»augmentedreality.ca
neftv

join:2000-10-01
Broomall, PA

Re: Great...

Since you're taking the test this Saturday, maybe you can go and fix the problem voluntarily and they will hire you on the spot.

wintr

join:2004-10-13
Calgary, AB

Re: Great...

The hope is that there's no more freebies, only paid gigs from now on. Hopefully.
--
546f6f206d616e792073656372657473»augmentedreality.ca

IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL

Is this the same one covered here?

Cisco Patches IOS Flaw

»www.eweek.com/article2/0,1759,1754359,00.asp

"Switching and routing firm Cisco Systems Inc. has issued a fix for a denial-of-service vulnerability affecting versions of its flagship IOS (Internetwork Operating System) software." January 25, 2005
--
Test Your Security Cable DiagnosticsIggyz Blog ZoneAlarm Help

Monster Rain
Premium
join:2002-08-03
USA

There is a fix

new IOS.

Logan 5
Silver and Black and blue in 2009
Premium,MVM
join:2001-05-25
The WasteLAN
·Pacific Bell - SBC

Re: There is a fix

said by Monster Rain:

new IOS.
Don't Cisco's Pix series Firewalls also use the same IOS as everything else? No mention so far of if this latest round of vulnerabilities affects them as well.
smcallah

join:2004-08-05
Home

Re: There is a fix

said by Logan 5:

said by Monster Rain:

new IOS.
Don't Cisco's Pix series Firewalls also use the same IOS as everything else? No mention so far of if this latest round of vulnerabilities affects them as well.
No, they don't. PIX OS is completely different from IOS.

bleearg13

join:2001-03-03
Gaithersburg, MD

New Juniper code, too

Juniper pre-released new code to large ISPs and most of them, including us, have already upgraded to prevent this problem.

Every time these vulnerabilities are announced, the media jumps on it and creates mass pandemonium.

Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

Re: New Juniper code, too

said by bleearg13:

Juniper pre-released new code to large ISPs and most of them, including us, have already upgraded to prevent this problem.
"Large ISPs" may be at the center of the universe, but they are not the entire universe: Other people have to upgrade too.
Every time these vulnerabilities are announced, the media jumps on it and creates mass pandemonium.
This was a big enough deal that large ISPs performed emergency upgrades - why would it not be "news" ?

Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site

dpocoroba
Premium
join:2000-11-14
224.0.0.5

Re: New Juniper code, too

Agreed, any kind of news that would cause major loss of service, or cause interruptions to ISPs and their SLAs, is worth spreading the word.
--
"Knowledge is contagious, infect"

BeesTea
Network Janitor
Premium,VIP
join:2003-03-08
00000
Absolutely. When tier 1's start going down en masse, that's news.

-BeesT
--
echo 16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlb xq |dc

bleearg13

join:2001-03-03
Gaithersburg, MD

My point was that the large network providers have already upgraded, so at the very least, a large part of the core of the internet is protected against this vulnerability already.

Like most everything else in the media (i.e. flu shot shortage, shark attacks, killer bees, etc.), these announcements are often blown out of proportion. There is no need for mass hysteria, because if one gets their internet service from a "Tier 1" ISP, or even a "Tier 2" ISP who needs service from a Tier 1, the problem is already taken care of.

Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

Re: New Juniper code, too

said by bleearg13:

There is no need for mass hysteria, because if one gets their internet service from a "Tier 1" ISP, or even a "Tier 2" ISP who needs service from a Tier 1, the problem is already taken care of.
Not if you have a Juniper that hasn't been patched...
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site
smcallah

join:2004-08-05
Home

Re: New Juniper code, too

said by Steve:

said by bleearg13:

There is no need for mass hysteria, because if one gets their internet service from a "Tier 1" ISP, or even a "Tier 2" ISP who needs service from a Tier 1, the problem is already taken care of.
Not if you have a Juniper that hasn't been patched...
You won't really find too many non-Tier 1 ISP's that use Junipers. Juniper doesn't really make any "small" routers. Their smallest router is still a 2.5/5 Gig backplane. No one needs all that for their T1's, or even T3's... not even their OC3, unless they've got a need for 16 OC3's in one box. And that doesn't sound like a "small" ISP.

Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

Re: New Juniper code, too

said by smcallah:

You won't really find too many non-Tier 1 ISP's that use Junipers.
The webhosting operation where I'm on staff has two of them, and the router guy (a JNCIE) is making an onsite visit today to perform this upgrade.

Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site

BeesTea
Network Janitor
Premium,VIP
join:2003-03-08
00000

Border capacity isn't the only factor when considering router back-plane needs. We use Junipers inside our borders as part of our BGP-based policy system. They have no outside connection to them at all.

Cheers,
-BeesT
--
echo 16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlb xq |dc

Jeremy341
Bye
Premium
join:2000-01-06
localhost

Flaws? Where?

Flaws in software that wasn't produced by Microsoft? No no, this can't be right. Microsoft is the only one who produces software with bugs in it!

Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Flaws? Where?

said by Jeremy341:

Microsoft is the only one who produces software with bugs in it!
They've recently begun to license this technology to others...


--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site

Logan 5
Silver and Black and blue in 2009
Premium,MVM
join:2001-05-25
The WasteLAN
·Pacific Bell - SBC



Time to check the appliances..

LOL! When WILL people learn that there's no such thing as perfect code in the world??

To paraphrase: "If they make it, someone else WILL break it"

C'mon now, MOST (I said most, not ALL) Black Hats/Hackers/Crackers or whatever they want to call themselves don't work regular 9-5 day jobs so they have FAR MORE time to pick and poke at code like Cisco's IOS until they can peel enough layers of protection away from it like an onion to get at the soft, vulnerable underbelly that will ALWAYS be there if one looks hard and long enough for it.

Give any reasonably intelligent person enough time and resources, and NO electronic medium will be safe, which means that vigilance and caution should be the first rule of Network Management but it seems like most Admins who get caught with their pants around their ankles when a crisis hits have gotten away from the "Not IF it happens, but *WHEN* it happens" mindset of proactively dealing with hardening their networks and have instead moved to the Chicken Little "It won't happen to me" model of securing and maintaining the systems in their care by denying that problems even exist and have little regard for the consequences, because if they did, they wouldn't be in a position to be exploited in the first place.

Bobcat
Volvo sucks donkey balls
Premium
join:2001-02-04
Bedminster, NJ
·Verizon Online DSL

Re: Time to check the appliances..

said by Logan 5:

LOL! When WILL people learn that there's no such thing as perfect code in the world??
Ha! You haven't seen MY code!!
grandrivers

join:2005-01-27
Rome, OH

upgrades get overlooked

This is a big deal because small ISP's never seem to keep up with code changes. My ISP has had major hacks frequently, but they still run software that is now more than 3 years old on the mail server. Almost 100 spam a day, and I have never given out my email address.

FLECOM
Bay Networks Freak
Premium
join:2003-03-03
Miami, FL

Pay for patch?

I have a Cisco 2620 here at home and I'm guessing I have to re-finance my house to get the latest IOS or will Cisco shock the world and release a free patch?

I'm running c2600-i-mz.122-5d
--
BellSouth sucks

Cyberprog
Cyberprog
Premium
join:2003-06-27
UK

Availability of a patch.

»www.cisco.com/warp/public/707/ci···gp.shtml
»www.cisco.com/warp/public/707/ci···v6.shtml
»www.cisco.com/warp/public/707/ci···es.shtml

All state the following:

Obtaining Fixed Software

Customers with Service Contracts
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at »www.cisco.com.

Customers using Third-party Support Organizations
Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for assistance with the upgrade, which should be free of charge.

Customers without Service Contracts
Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.

+1 800 553 2447 (toll free from within North America)

+1 408 526 7209 (toll call from anywhere in the world)

e-mail: tac@cisco.com

Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.

Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades.

See »www.cisco.com/warp/public/687/Di···AC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages.

Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at »www.cisco.com/public/sw-license-···ent.html, or as otherwise set forth at Cisco.com Downloads at »www.cisco.com/public/sw-center/s···wc.shtml.

So you should be able to get a free update of your IOS.
--
Alex Threlfall
Cyberprog New Media
»www.cyberprog.net
Come to think of it, there are already a million monkeys on a million typewriters, and irc is NOTHING like Shakespeare.