[c-nsp] Is Nachi Worm Mitigation Measure Still Necessary in Campus?
Jared Mauch
jared at puck.nether.net
Wed May 27 10:44:13 EDT 2009
I would remove it. There is an endless list of things you can attempt
to mitigate.
I'm sure some devices are still infected/scanning for CodeRed.
- Jared
On May 27, 2009, at 10:31 AM, schilling wrote:
> Hi All,
>
> We have PBR which drops 92 bytes icmp echo/echo-reply applied on our
> enterprise backbone(Catalyst 6500/Sup7203BXL) links and all customer
> access VLANs. There are several issues, icmp echo/echo-reply are
> punted to cpu, it breaks windows tracert/ping, and it's harder to
> implement the Control Plane Policing(CoPP) regarding the icmp
> messages. Is is still necessary to keep the PBR in place nowadays?
More information about the cisco-nsp
mailing list