[nsp-sec] Oh well, that didn't take long...
Kevin Oberman
oberman at es.net
Sun Jan 10 00:31:46 EST 2010
> Date: Sun, 10 Jan 2010 01:17:56 -0330
> From: "White, Gerard" <Gerard.White at bellaliant.ca>
> Sender: nsp-security-bounces at puck.nether.net
>
> ----------- nsp-security Confidential --------
>
> Well its not python/scapy, but yes, perl will do the job as well:
>
>
>
> http://seclists.org/fulldisclosure/2010/Jan/136
>
>
>
> BTW, a strong firewall filter applied to the loopback interface can
> stop the attack
>
> (at least for my testing with 9.3R2.8 - which is vulnerable)
This is very interesting news...especially since Juniper support assured
us that filtering on the router under attack would not help, though a
filter on an upstream router that was running fixed code would.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
More information about the nsp-security
mailing list