Hosting Provided By

RE: [Full-Disclosure] Re: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover

From: <lee.e.rian(at)census.gov>
Date: Wed Jul 23 2003 - 13:43:02 EDT

On July 22 Curt Purdy <purdy@tecman.com> said >
> If the packet expires in transit i.e. ttl 1 to router 2 hops away means
it
> never gets to that router. Not possible to fill a queue with a packet
that
> is dropped by the previous router.

Someone said that having the TTL of an evil packet expire on a vulnerable router was enough to cause the problem. The reasoning made sense - the TTL expires so the packet gets bumped up to process level, put on the input queue and never comes off. But I haven't been able to duplicate that and was wondering if it was a bogus report or my testing was ummm... less that perfect.

So... has anyone been able to verify that the problem occurs when the TTL expires without the packet being addressed to the router? Or is it a requirement that the evil packet be addressed to the router?

Regards,
Lee

Received on Thu Jul 24 14:08:51 2003

This message: [ Message body ]
Next message: Russell Harding: "Re: Port 0 packets"
Previous message: Cedric Blancher: "RE: [Full-Disclosure] Re: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover"
In reply to Curt Purdy: "RE: [Full-Disclosure] Re: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:12 EDT