|
Full Disclosure
mailing list archives
Re: Should nmap cause a DoS on cisco routers?
From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Thu, 1 Jul 2010 11:07:36 +0000
On Jul 1, 2010, at 5:23 PM, Thierry Zoller wrote:
If a device crashes when being scanned - it's a vulnerability.
It sounds to me as if what happened was that he ended up driving the CPUs of the devices in question to 100%, and they
stopped handling control-plane traffic and fell over. There are infrastructure self-protection best current practices
(BCPs) which can be deployed to defend against infrastructure-targeted DoS.
I've only seen this happen a few hundred times or so, so I could be wrong, of course.
;>
As the original poster posited:
Is this a configuration error of the networking devices?
The answer is, almost assuredly, "Yes."
-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
(Thread continues...)
|
