[scg-sec] attacks re: telnet issue
Wendy Garvin
wgarvin at cisco.com
Mon Aug 30 01:45:57 EDT 2004
Sean,
It's not clear that the new reports are of a new crew that's figured out the
detail of the window size which is necessary to recreate this. It could be
the same group of people exploiting it which forced us to go public, or it
could be that those people sold or gave away the information, or it could be
that someone new has figured it out. That's one of the reasons we're digging
into it, trying to narrow it down.
Thanks,
-Wendy
> Sean Donelan <sean at donelan.com> [2004-08-29 21:52] wrote:
> On Sun, 29 Aug 2004, Wendy Garvin wrote:
> > There have been a few scattered stories of attacks on the telnet issue we
> > announced last week. You all already know how to protect yourselves, and I'm
> > sure the few places you didn't have VTY ACLs you do now.
>
> They figured out the specially constructed packet? Or they are just
> continuing to bang on Cisco Telnet ports like always?
>
> sean donelan
> sbc internet security
>
>
> [ ----- End of Included Message ----- ]
--
Wendy Garvin - Cisco PSIRT - 408 525-1888 CCIE# 6526
----------------------------------------------------
http://www.cisco.com/go/psirt
More information about the scg-sec
mailing list