[CLUE-Tech] Cisco 675 PPP vs. Bridging modes
David Anselmi
anselmi at intradenver.net
Fri Aug 10 12:48:34 MDT 2001
Some code red specifics:
The URI code red sends hangs 67x routers, if code red can get to the http
port on the router. You can protect yourself by disabling the web server
and/or changing the port it listens on (this is what the qwest and frii
directions instruct).
According to Cisco
(http://www.cisco.com/warp/public/707/CBOS-multiple.shtml) this and other
vulnerabilities are fixed in CBOS 2.3.9 and 2.4.1 (the latest available
from qwest).
It should also help to set a filter to prevent external connections to
the 67x. Directions are here http://www.users.qwest.net/~rlutton/ADSL/
(this has lots of good info on these routers).
Dave
JL Kottal wrote:
> Hello,
>
> This message was posted both BLUG and CLUE-tech.
>
> Could someone(s) please compare and contrast the bridging and the PPP
> modes for a Cisco 675 router, vis-a-vis the advantages and
> disadvantages, bandwidth, security, etc.?
>
> I am currently using an ISP with the 675 in PPP mode and, in spite of
> having applied the 675 CBOS upgrade and redirecting the HTTP port, I
> am still getting killed by the Code Red worm. Someone has suggested
> that placing the 675 in the bridging mode will eliminate this
> vulnerability.
>
> I talked to my ISP, who swears that the bridging mode is the worst
> possible way to run this router, but I am not sure that I understand
> their reasons because they sounded like so much double-talk.
>
> Thus I pose my question to a relatively unbiased group and hope that
> this does not cause a flame war ... <g>
>
> JohnK
>
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list