Re: [nsp] Cisco Security Advisory: Scanning for SSH Can Cause a Crash

From: Jared Mauch (jared@puck.nether.net)
Date: Thu Jun 27 2002 - 14:48:52 EDT


        Depends on which software.

        if you have a unit that can handle it, you may want to deny ssh
on intfs inbound to all ips your router has.

        - jared

On Thu, Jun 27, 2002 at 02:51:59PM -0400, Charles Sprickman wrote:
> Any idea if a vty access list is enough protection? It seems it may come
> too late:
>
> toolbox[/var/qmail/supervise/qmail-send]# telnet x.x.x.x 22
> Trying x.x.x.x...
> Connected to x.x.x.x
> Escape character is '^]'.
> Connection closed by foreign host.
>
> Thanks,
>
> Charles
> --
> Charles Sprickman
> spork@inch.com

-- 
Jared Mauch  | pgp key available via finger from jared@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:01 EDT