Cisco routers are configured to process and accept Internet Protocol version 4 (IPv4) packets by default. A rare, specially crafted sequence
of IPv4 packets with protocol type 53 (SWIPE), 55 (IP Mobility), 77 (Sun ND), or 103 (Protocol Independent Multicast - PIM) which is handled by
the processor on a Cisco IOS device may force the device to incorrectly flag the input queue on an interface as full, which will cause the
router to stop processing inbound traffic on that interface. This can
cause routing protocols to drop due to dead timers.
"
I had previously called tac@cisco.com for security patches for our Cisco devices not covered by any service contract. The response was quick, and the quality of service was very high. I got the patches I wanted very quickly without paying a cent! It was really a good experience.
Most mass mailing worms send infected email with forged sender address. This technique seems can stop large number of these emails too (except when the domain of the forged address is the same as the domain of the real one). This reduces the number of complaints against the wrong person of sending virus.
Slashdot Mirror
Just Received the following message from incidents@securityfocus.com mailing list:
3 0717-blocked.shtml
" Cisco has updated the advisory to include details on the exploit.
http://www.cisco.com/warp/public/707/cisco-sa-200
Cisco routers are configured to process and accept Internet Protocol version 4 (IPv4) packets by default. A rare, specially crafted sequence of IPv4 packets with protocol type 53 (SWIPE), 55 (IP Mobility), 77 (Sun ND), or 103 (Protocol Independent Multicast - PIM) which is handled by the processor on a Cisco IOS device may force the device to incorrectly flag the input queue on an interface as full, which will cause the router to stop processing inbound traffic on that interface. This can cause routing protocols to drop due to dead timers. "
I had previously called tac@cisco.com for security patches for our Cisco devices not covered by any service contract. The response was quick, and the quality of service was very high. I got the patches I wanted very quickly without paying a cent! It was really a good experience.
Most mass mailing worms send infected email with forged sender address. This technique seems can stop large number of these emails too (except when the domain of the forged address is the same as the domain of the real one). This reduces the number of complaints against the wrong person of sending virus.