Just for my understanding,
if SSH is not enabled on a Cisco device (which has an IOS/CATOS that
supports SSH) this vulnerability is not applicable,
am I correct ?
SH
-----Original Message-----
From: Jared Mauch [mailto:jared@puck.nether.net]
Sent: Thursday, June 27, 2002 2:49 PM
To: Charles Sprickman
Cc: cisco-nsp@puck.nether.net
Subject: Re: [nsp] Cisco Security Advisory: Scanning for SSH Can Cause a
Crash
Depends on which software.
if you have a unit that can handle it, you may want to deny ssh
on intfs inbound to all ips your router has.
- jared
On Thu, Jun 27, 2002 at 02:51:59PM -0400, Charles Sprickman wrote:
> Any idea if a vty access list is enough protection? It seems it may come
> too late:
>
> toolbox[/var/qmail/supervise/qmail-send]# telnet x.x.x.x 22
> Trying x.x.x.x...
> Connected to x.x.x.x
> Escape character is '^]'.
> Connection closed by foreign host.
>
> Thanks,
>
> Charles
> --
> Charles Sprickman
> spork@inch.com
-- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:02 EDT