[c-nsp] Is Nachi Worm Mitigation Measure Still Necessary in Campus?

Jared Mauch jared at puck.nether.net
Wed May 27 10:44:13 EDT 2009

I would remove it.  There is an endless list of things you can attempt  
to mitigate.

I'm sure some devices are still infected/scanning for CodeRed.

	- Jared

On May 27, 2009, at 10:31 AM, schilling wrote:

> Hi All,
> We have PBR which drops 92 bytes icmp echo/echo-reply applied on our
> enterprise backbone(Catalyst 6500/Sup7203BXL)  links and all customer
> access VLANs. There are several issues, icmp echo/echo-reply are
> punted to cpu, it breaks windows tracert/ping, and it's harder to
> implement the Control Plane Policing(CoPP) regarding the icmp
> messages.   Is is still necessary to keep the PBR in place nowadays?

More information about the cisco-nsp mailing list