Test
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
March 2008
- 217 participants
- 117 discussions
I referenced LAN rooms as an expedient and to highlight an irony. The point is,
smaller, less-concentrated, distributed enclosures suffice nicely for many
purposes, similar to how Google's distributed containers and Sun Micro's Data
Centers in a box do. And while LAN rooms that have been vacated, as a result of
using collapsed fiber, might fit these needs, since they would have been already
powered and conditioned in many cases, those could actually be reclaimed by
tenants and landlords as usable floor space in many cases.
>I suppose the maintenance industry would love the surge in extra
>contracts to keep all the gear running....
Your supposition is open to wide interpretation. I'll take it to mean that you
think "more" gear, not less, will require maintenance. Maybe in some cases, but
in the vast majority not.
Consider a multi-story commercial building that is entirely devoid of UTP-based
switches, but instead is supported over fiber to a colo or managed service
provider location. Why would this building require L2/3 aggregation switches and
routers, simply to get in and out, if it hasn't any access switches inside? It
wouldn't require any routers, is my point. This reduces the number of boxes
reqired by a factor of two or more, since I no longer require routers onsite, and
I no longer require their mates in the upstream or colos. I wouldn't require a
classical in-building L3 hierarchy employing high-end routers at the distribution
and core levels at all, or I'd require a lot fewer of them. Extending this
rationale further, the level of logistics and LAN element administration required
to keep on-prem applications humming is also reduced, ir not eliminated, and/or
could easily be sourced more efficiently elsewhere. I.e., from a CLI or Web
browser the LAN admin could be doing her thing from Mumbai (and in some cases
this is already being done) or from home. So there's actually "less" gear to
manage, not more.
I realize this isn't a one-size-fits all model, and I didn't intend to make it
appear that it was. But for the vast majority of enterprise buildings with
tenants occupying large contiguous areas, I think it makes a great deal of sense,
or at least would be worth evaluating to determine if it does.
Frank A. Coluccio
DTI Consulting Inc.
212-587-8150 Office
347-526-6788 Mobile
On Sat Mar 29 18:30 , david raistrick sent:
>On Sat, 29 Mar 2008, Frank Coluccio wrote:
>
>> In fact, those same servers, and a host of other storage and network
>> elements, can be returned to the LAN rooms and closets of most
>> commercial buildings from whence they originally came prior to the
>
>How does that work? So now we buy a whole bunch of tiny gensets, and a
>whole bunch of baby UPSen and smaller cooling units to support little
>datacenters? Not to mention diverse paths to each point..
>
>Didn't we (the customers) try that already and realize that it's rather
>unmanagable?
>
>
>I suppose the maintenance industry would love the surge in extra
>contracts to keep all the gear running....
>
>
>I suppose the maintenance industry would love the surge in extra
>contracts to keep all the gear running....
>..david
>
>
>---
>david raistrick http://www.netmeister.org/news/learn2quote.html
>drais(a)icantclick.org http://www.expita.com/nomime.html
>
2
1
Could someone from AS7018 (AT&T) please contact me about a
route you are originating that is hijacking/blackholing traffic?
The route is:
66.235.248.0/22
- Kevin
2
1
We are looking to purchase NXDOMAIN data for an internet survey.
We prefer to receive the data on an hourly basis so it is as fresh as
possible. Our system receives the data from you via ftp that you provide.
Its hard to value the data until we have taken a look at it. As one example,
we pay a current partner $4000 per month for 100,000 records per day. If you
would like to setup a test so we can determine the value of your data please
contact me at raydemain(a)gmail.com.
Please note that if you can also bring in other partners we will pay a 10%
recurring finders fee.
Ray
10
16
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to bgp-stats(a)lists.apnic.net
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith <pfs(a)cisco.com>.
Routing Table Report 04:00 +10GMT Sat 29 Mar, 2008
Report Website: http://thyme.apnic.net
Detailed Analysis: http://thyme.apnic.net/current/
Analysis Summary
----------------
BGP routing table entries examined: 250362
Prefixes after maximum aggregation: 125916
Deaggregation factor: 1.99
Unique aggregates announced to Internet: 121576
Total ASes present in the Internet Routing Table: 27752
Prefixes per ASN: 9.02
Origin-only ASes present in the Internet Routing Table: 24169
Origin ASes announcing only one prefix: 11220
Transit ASes present in the Internet Routing Table: 3583
Transit-only ASes present in the Internet Routing Table: 76
Average AS path length visible in the Internet Routing Table: 3.6
Max AS path length visible: 18
Max AS path prepend of ASN (43380) 13
Prefixes from unregistered ASNs in the Routing Table: 25295
Unregistered ASNs in the Routing Table: 1915
Number of 32-bit ASNs allocated by the RIRs: 47
Prefixes from 32-bit ASNs in the Routing Table: 8
Special use prefixes present in the Routing Table: 0
Prefixes being announced from unallocated address space: 855
Number of addresses announced to Internet: 1851948960
Equivalent to 110 /8s, 98 /16s and 127 /24s
Percentage of available address space announced: 50.0
Percentage of allocated address space announced: 61.4
Percentage of available address space allocated: 81.4
Percentage of address space in use by end-sites: 71.0
Total number of prefixes smaller than registry allocations: 119223
APNIC Region Analysis Summary
-----------------------------
Prefixes being announced by APNIC Region ASes: 42339
Total APNIC prefixes after maximum aggregation: 13317
APNIC Deaggregation factor: 3.18
Prefixes being announced from the APNIC address blocks: 54523
Unique aggregates announced from the APNIC address blocks: 23244
APNIC Region origin ASes present in the Internet Routing Table: 1909
APNIC Prefixes per ASN: 28.56
APNIC Region origin ASes announcing only one prefix: 554
APNIC Region transit ASes present in the Internet Routing Table: 352
Average APNIC Region AS path length visible: 3.6
Max APNIC Region AS path length visible: 18
Number of APNIC addresses announced to Internet: 337576544
Equivalent to 20 /8s, 31 /16s and 2 /24s
Percentage of available APNIC address space announced: 77.4
APNIC AS Blocks 4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079
APNIC Address Blocks 58/8, 59/8, 60/8, 61/8, 114/8, 115/8, 116/8,
117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8,
124/8, 125/8, 126/8, 202/8, 203/8, 210/8, 211/8,
218/8, 219/8, 220/8, 221/8, 222/8,
ARIN Region Analysis Summary
----------------------------
Prefixes being announced by ARIN Region ASes: 106733
Total ARIN prefixes after maximum aggregation: 58780
ARIN Deaggregation factor: 1.82
Prefixes being announced from the ARIN address blocks: 85545
Unique aggregates announced from the ARIN address blocks: 33880
ARIN Region origin ASes present in the Internet Routing Table: 11657
ARIN Prefixes per ASN: 7.34
ARIN Region origin ASes announcing only one prefix: 4528
ARIN Region transit ASes present in the Internet Routing Table: 1042
Average ARIN Region AS path length visible: 3.4
Max ARIN Region AS path length visible: 16
Number of ARIN addresses announced to Internet: 360984448
Equivalent to 21 /8s, 132 /16s and 47 /24s
Percentage of available ARIN address space announced: 74.2
ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106
(pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153
3354-4607, 4865-5119, 5632-6655, 6912-7466
7723-8191, 10240-12287, 13312-15359, 16384-17407
18432-20479, 21504-23551, 25600-26591,
26624-27647, 29696-30719, 31744-33791
35840-36863, 39936-40959
ARIN Address Blocks 24/8, 63/8, 64/8, 65/8, 66/8, 67/8, 68/8,
69/8, 70/8, 71/8, 72/8, 73/8, 74/8, 75/8,
76/8, 96/8, 97/8, 98/8, 99/8, 173/8, 174/8,
199/8, 204/8, 205/8, 206/8, 207/8, 208/8, 209/8,
216/8,
RIPE Region Analysis Summary
----------------------------
Prefixes being announced by RIPE Region ASes: 53206
Total RIPE prefixes after maximum aggregation: 33043
RIPE Deaggregation factor: 1.61
Prefixes being announced from the RIPE address blocks: 48775
Unique aggregates announced from the RIPE address blocks: 32684
RIPE Region origin ASes present in the Internet Routing Table: 11085
RIPE Prefixes per ASN: 4.40
RIPE Region origin ASes announcing only one prefix: 5781
RIPE Region transit ASes present in the Internet Routing Table: 1703
Average RIPE Region AS path length visible: 4.0
Max RIPE Region AS path length visible: 18
Number of RIPE addresses announced to Internet: 350432384
Equivalent to 20 /8s, 227 /16s and 44 /24s
Percentage of available RIPE address space announced: 80.3
RIPE AS Blocks 1877-1901, 2043, 2047, 2107-2136, 2585-2614
(pre-ERX allocations) 2773-2822, 2830-2879, 3154-3353, 5377-5631
6656-6911, 8192-9215, 12288-13311, 15360-16383
20480-21503, 24576-25599, 28672-29695
30720-31743, 33792-35839, 38912-39935
40960-45055
RIPE Address Blocks 62/8, 77/8, 78/8, 79/8, 80/8, 81/8, 82/8,
83/8, 84/8, 85/8, 86/8, 87/8, 88/8, 89/8,
90/8, 91/8, 92/8, 93/8, 94/8, 95/8, 193/8,
194/8, 195/8, 212/8, 213/8, 217/8,
LACNIC Region Analysis Summary
------------------------------
Prefixes being announced by LACNIC Region ASes: 19204
Total LACNIC prefixes after maximum aggregation: 4812
LACNIC Deaggregation factor: 3.99
Prefixes being announced from the LACNIC address blocks: 17548
Unique aggregates announced from the LACNIC address blocks: 9612
LACNIC Region origin ASes present in the Internet Routing Table: 883
LACNIC Prefixes per ASN: 19.87
LACNIC Region origin ASes announcing only one prefix: 277
LACNIC Region transit ASes present in the Internet Routing Table: 154
Average LACNIC Region AS path length visible: 4.0
Max LACNIC Region AS path length visible: 16
Number of LACNIC addresses announced to Internet: 49885696
Equivalent to 2 /8s, 249 /16s and 50 /24s
Percentage of available LACNIC address space announced: 49.6
LACNIC AS Blocks 26592-26623, 27648-28671, plus ERX transfers
LACNIC Address Blocks 186/8, 187/8, 189/8, 190/8, 200/8, 201/8,
AfriNIC Region Analysis Summary
-------------------------------
Prefixes being announced by AfriNIC Region ASes: 3584
Total AfriNIC prefixes after maximum aggregation: 1124
AfriNIC Deaggregation factor: 3.19
Prefixes being announced from the AfriNIC address blocks: 3987
Unique aggregates announced from the AfriNIC address blocks: 1808
AfriNIC Region origin ASes present in the Internet Routing Table: 234
AfriNIC Prefixes per ASN: 17.04
AfriNIC Region origin ASes announcing only one prefix: 80
AfriNIC Region transit ASes present in the Internet Routing Table: 45
Average AfriNIC Region AS path length visible: 3.8
Max AfriNIC Region AS path length visible: 14
Number of AfriNIC addresses announced to Internet: 10167552
Equivalent to 0 /8s, 155 /16s and 37 /24s
Percentage of available AfriNIC address space announced: 30.3
AfriNIC AS Blocks 36864-37887 & ERX transfers
AfriNIC Address Blocks 41/8, 196/8,
APNIC Region per AS prefix count summary
----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
4755 1619 387 87 Videsh Sanchar Nigam Ltd. Aut
9583 1152 140 16 Sify Limited
9498 1129 550 63 BHARTI BT INTERNET LTD.
17488 1045 67 83 Hathway IP Over Cable Interne
4134 859 12487 319 CHINANET-BACKBONE
4766 850 6005 341 Korea Telecom (KIX)
18101 673 126 52 Reliance Infocom Ltd Internet
9829 586 450 12 BSNL National Internet Backbo
4812 562 969 92 China Telecom (Shanghai)
1221 542 1950 418 Telstra Pty Ltd
Complete listing at http://thyme.apnic.net/current/data-ASnet-APNIC
ARIN Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
7018 1427 5927 1009 AT&T WorldNet Services
2386 1399 658 851 AT&T Data Communications Serv
4323 1396 1028 368 Time Warner Telecom
11492 1219 147 23 Cable One
7011 1082 315 615 Citizens Utilities
18566 1046 296 10 Covad Communications
1785 1007 479 107 AppliedTheory Corporation
6197 989 728 477 BellSouth Network Solutions,
174 966 6834 812 Cogent Communications
20115 915 859 508 Charter Communications
Complete listing at http://thyme.apnic.net/current/data-ASnet-ARIN
RIPE Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
3292 398 1777 362 TDC Tele Danmark
8452 358 188 7 TEDATA
3301 341 1459 310 TeliaNet Sweden
3320 322 7045 267 Deutsche Telekom AG
8866 293 78 24 Bulgarian Telecommunication C
5462 292 666 26 Telewest Broadband
3215 278 2671 91 France Telecom Transpac
6746 264 127 242 Dynamic Network Technologies,
680 259 2046 258 DFN-IP service G-WiN
9155 254 46 11 QualityNet AS number
Complete listing at http://thyme.apnic.net/current/data-ASnet-RIPE
LACNIC Region per AS prefix count summary
-----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
8151 1187 2448 222 UniNet S.A. de C.V.
11830 555 299 9 Instituto Costarricense de El
7303 452 220 60 Telecom Argentina Stet-France
16814 426 27 10 NSS, S.A.
11172 410 117 69 Servicios Alestra S.A de C.V
6471 396 85 39 ENTEL CHILE S.A.
10620 396 104 50 TVCABLE BOGOTA
14117 352 25 15 Telefonica del Sur S.A.
22047 322 270 14 VTR PUNTO NET S.A.
10481 310 152 10 Prima S.A.
Complete listing at http://thyme.apnic.net/current/data-ASnet-LACNIC
AfriNIC Region per AS prefix count summary
------------------------------------------
ASN No of nets /20 equiv MaxAgg Description
24863 452 60 27 LINKdotNET AS number
3741 287 869 223 The Internet Solution
2018 258 276 112 Tertiary Education Network
20858 183 34 3 EgyNet
6713 143 135 11 Itissalat Al-MAGHRIB
33783 130 9 16 EEPAD TISP TELECOM & INTERNET
5536 121 8 16 Internet Egypt Network
33776 99 6 7 Starcomms Nigeria Limited
24835 89 48 7 RAYA Telecom - Egypt
2905 83 176 74 The Internetworking Company o
Complete listing at http://thyme.apnic.net/current/data-ASnet-AFRINIC
Global Per AS prefix count summary
----------------------------------
ASN No of nets /20 equiv MaxAgg Description
6389 1914 3009 94 bellsouth.net, inc.
23577 1634 34 699 Korea Telecom (ATM-MPLS)
4755 1619 387 87 Videsh Sanchar Nigam Ltd. Aut
7018 1427 5927 1009 AT&T WorldNet Services
2386 1399 658 851 AT&T Data Communications Serv
4323 1396 1028 368 Time Warner Telecom
11492 1219 147 23 Cable One
8151 1187 2448 222 UniNet S.A. de C.V.
9583 1152 140 16 Sify Limited
9498 1129 550 63 BHARTI BT INTERNET LTD.
Complete listing at http://thyme.apnic.net/current/data-ASnet
Global Per AS Maximum Aggr summary
----------------------------------
ASN No of nets Net Savings Description
4755 1619 1532 Videsh Sanchar Nigam Ltd. Aut
11492 1219 1196 Cable One
9583 1152 1136 Sify Limited
9498 1129 1066 BHARTI BT INTERNET LTD.
18566 1046 1036 Covad Communications
4323 1396 1028 Time Warner Telecom
8151 1187 965 UniNet S.A. de C.V.
17488 1045 962 Hathway IP Over Cable Interne
17676 1018 952 Softbank BB Corp.
23577 1634 935 Korea Telecom (ATM-MPLS)
Complete listing at http://thyme.apnic.net/current/data-CIDRnet
List of Unregistered Origin ASNs (Global)
-----------------------------------------
Bad AS Designation Network Transit AS Description
14780 UNALLOCATED 4.79.181.0/24 10310 Yahoo!
12180 UNALLOCATED 4.79.248.0/24 1239 Sprint
26478 UNALLOCATED 8.7.228.0/24 6461 AboveNet Communicati
12180 UNALLOCATED 8.10.16.0/24 3549 Global Crossing
12180 UNALLOCATED 8.10.58.0/23 3549 Global Crossing
14779 UNALLOCATED 8.12.144.0/24 10310 Yahoo!
16927 UNALLOCATED 12.0.252.0/23 7018 AT&T WorldNet Servic
22492 UNALLOCATED 12.2.46.0/24 1239 Sprint
14984 UNALLOCATED 12.2.192.0/24 7132 SBC Internet Service
15132 UNALLOCATED 12.9.150.0/24 701 UUNET Technologies,
Complete listing at http://thyme.apnic.net/current/data-badAS
Advertised Unallocated Addresses
--------------------------------
Network Origin AS Description
24.51.159.0/24 7843 Adelphia Corp.
24.54.224.0/19 20001 HoldCo LLC - Road Runner
24.75.160.0/19 7843 Adelphia Corp.
24.75.192.0/18 7843 Adelphia Corp.
24.142.40.0/21 7018 AT&T WorldNet Services
24.142.160.0/19 7018 AT&T WorldNet Services
24.246.0.0/17 7018 AT&T WorldNet Services
24.246.128.0/18 7018 AT&T WorldNet Services
62.61.220.0/24 24974 Tachyon Europe BV - Wireless
63.140.213.0/24 22555 Universal Talkware Corporatio
Complete listing at http://thyme.apnic.net/current/data-add-IANA
Number of prefixes announced per prefix length (Global)
-------------------------------------------------------
/1:0 /2:0 /3:0 /4:0 /5:0 /6:0
/7:0 /8:19 /9:9 /10:16 /11:41 /12:137
/13:277 /14:499 /15:997 /16:9813 /17:4312 /18:7285
/19:15269 /20:17525 /21:16771 /22:21294 /23:22327 /24:131495
/25:775 /26:894 /27:483 /28:106 /29:9 /30:1
/31:0 /32:8
Advertised prefixes smaller than registry allocations
-----------------------------------------------------
ASN No of nets Total ann. Description
11492 1205 1219 Cable One
2386 1099 1399 AT&T Data Communications Serv
18566 1027 1046 Covad Communications
9583 987 1152 Sify Limited
7011 964 1082 Citizens Utilities
4755 962 1619 Videsh Sanchar Nigam Ltd. Aut
6478 893 894 AT&T Worldnet Services
17488 860 1045 Hathway IP Over Cable Interne
23577 808 1634 Korea Telecom (ATM-MPLS)
9498 804 1129 BHARTI BT INTERNET LTD.
Complete listing at http://thyme.apnic.net/current/data/sXXas-nos
Number of /24s announced per /8 block (Global)
----------------------------------------------
4:9 8:102 12:1998 13:1 15:20 16:3
17:6 18:13 20:35 24:1046 25:1 32:60
33:4 38:407 40:95 41:634 44:2 47:8
52:3 55:3 56:3 57:22 58:513 59:423
60:423 61:987 62:1087 63:1957 64:3360 65:2370
66:3607 67:1092 68:654 69:2110 70:541 71:127
72:1540 73:6 74:899 75:221 76:284 77:617
78:543 79:111 80:892 81:831 82:607 83:370
84:522 85:943 86:388 87:628 88:322 89:1207
90:11 91:1126 92:238 93:166 96:19 97:16
98:108 99:3 116:582 117:280 118:102 119:380
121:465 122:719 123:303 124:834 125:1125 128:325
129:198 130:124 131:405 132:69 133:9 134:188
135:32 136:222 137:119 138:155 139:65 140:483
141:110 142:380 143:279 144:347 145:54 146:338
147:133 148:496 149:180 150:121 151:159 152:142
153:127 154:11 155:266 156:207 157:254 158:167
159:223 160:245 161:110 162:206 163:219 164:572
165:433 166:296 167:314 168:594 169:130 170:426
171:28 172:3 189:165 190:1582 192:5769 193:4089
194:3259 195:2379 196:1075 198:3761 199:3235 200:5519
201:1322 202:7543 203:7774 204:3986 205:2111 206:2413
207:2721 208:3223 209:3472 210:2525 211:1033 212:1326
213:1610 214:453 215:48 216:4278 217:1197 218:349
219:404 220:1062 221:402 222:312
End of report
1
0
BGP Update Report
Interval: 25-Feb-08 -to- 27-Mar-08 (32 days)
Observation Point: BGP Peering with AS2.0
TOP 20 Unstable Origin AS
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS9498 119461 1.8% 94.6 -- BBIL-AP BHARTI BT INTERNET LTD.
2 - AS24731 76983 1.2% 916.5 -- ASN-NESMA National Engineering Services and Marketing Company Ltd. (NESMA)
3 - AS9121 58711 0.9% 23.2 -- TTNET TTnet Autonomous System
4 - AS4795 58375 0.9% 263.0 -- INDOSAT2-ID INDOSATM2 ASN
5 - AS17974 57498 0.9% 85.9 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
6 - AS9583 53390 0.8% 45.7 -- SIFY-AS-IN Sify Limited
7 - AS8151 48530 0.7% 40.4 -- Uninet S.A. de C.V.
8 - AS26829 42684 0.6% 42684.0 -- YKK-USA - YKK USA,INC
9 - AS18306 42224 0.6% 1141.2 -- MASANHANANET-AS-KR HANANET
10 - AS14895 36884 0.6% 12294.7 -- LAWSON-SOFTWARE - Lawson Software
11 - AS9829 33380 0.5% 55.8 -- BSNL-NIB National Internet Backbone
12 - AS6140 32406 0.5% 47.0 -- IMPSAT-USA - ImpSat USA, Inc.
13 - AS24863 32157 0.5% 70.7 -- LINKdotNET-AS
14 - AS11830 32075 0.5% 13.8 -- Instituto Costarricense de Electricidad y Telecom.
15 - AS22773 31655 0.5% 34.7 -- CCINET-2 - Cox Communications Inc.
16 - AS2386 28515 0.4% 20.0 -- INS-AS - AT&T Data Communications Services
17 - AS1239 27883 0.4% 7.3 -- SPRINTLINK - Sprint
18 - AS23005 27262 0.4% 1817.5 -- SWITCH-COMMUNICATIONS - SWITCH Communications Group LLC
19 - AS10481 24866 0.4% 29.2 -- Prima S.A.
20 - AS9198 24217 0.4% 65.3 -- KAZTELECOM-AS Kazakhtelecom Corporate Sales Administration
TOP 20 Unstable Origin AS (Updates per announced prefix)
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS26829 42684 0.6% 42684.0 -- YKK-USA - YKK USA,INC
2 - AS19334 23016 0.3% 23016.0 -- SPORTLINE-DBC - SPORTLINE
3 - AS17487 20997 0.3% 20997.0 -- ICBCASIA-AP Industrial and Commercial Bank
4 - AS13495 20642 0.3% 20642.0 -- NTT do Brasil Telecomunicaoes Ltda
5 - AS21291 15011 0.2% 15011.0 -- OMEGABANK 8 Dragatsaniou str
6 - AS42787 13141 0.2% 13141.0 -- MMIP-AS MultiMedia IP Ltd.
7 - AS14895 36884 0.6% 12294.7 -- LAWSON-SOFTWARE - Lawson Software
8 - AS30929 7785 0.1% 7785.0 -- HUTCB Hidrotechnical Faculty - Technical University
9 - AS41907 6576 0.1% 6576.0 -- POLFA PZPF Polfa
10 - AS29225 6568 0.1% 6568.0 -- TAIF-TELCOM-AS JSC TAIF-TELCOM
11 - AS19017 3421 0.1% 3421.0 -- QUALCOMM-QWBS-LV - Qualcomm Wireless Business Solutions
12 - AS15136 3186 0.1% 3186.0 -- AS-NSPOF - NSPOF Communications Inc
13 - AS36975 3059 0.1% 3059.0 -- CBA-AS
14 - AS44656 2652 0.0% 2652.0 -- HOLOSFIND-ROMANIA HOLOSFIND SRL
15 - AS29910 2188 0.0% 2188.0 -- IACP - INTL. ASSN OF CHIEF OF POLICEI
16 - AS40011 2091 0.0% 2091.0 -- 65-79-192-0-SYNIVERSE-CRX - Panhandle Telecommunications Systems, INC.
17 - AS9747 18616 0.3% 2068.4 -- EZINTERNET-AS-AP EZInternet Pty Ltd
18 - AS35324 1868 0.0% 1868.0 -- ECH-WILL-AS E.C.H. Will
19 - AS23005 27262 0.4% 1817.5 -- SWITCH-COMMUNICATIONS - SWITCH Communications Group LLC
20 - AS23484 12566 0.2% 1795.1 -- PACENET - Pace University
TOP 20 Unstable Prefixes
Rank Prefix Upds % Origin AS -- AS Name
1 - 125.23.208.0/20 44476 0.6% AS9498 -- BBIL-AP BHARTI BT INTERNET LTD.
2 - 12.108.254.0/24 42684 0.6% AS26829 -- YKK-USA - YKK USA,INC
3 - 203.101.87.0/24 35927 0.5% AS9498 -- BBIL-AP BHARTI BT INTERNET LTD.
4 - 202.140.63.0/24 29830 0.4% AS17443 -- ESTELCOM-AP International Internet gateway , India
AS9498 -- BBIL-AP BHARTI BT INTERNET LTD.
5 - 64.79.128.0/19 27150 0.4% AS23005 -- SWITCH-COMMUNICATIONS - SWITCH Communications Group LLC
6 - 63.169.11.0/24 23016 0.3% AS19334 -- SPORTLINE-DBC - SPORTLINE
7 - 125.57.60.0/24 21655 0.3% AS18306 -- MASANHANANET-AS-KR HANANET
8 - 220.241.83.0/24 20997 0.3% AS17487 -- ICBCASIA-AP Industrial and Commercial Bank
9 - 200.194.64.0/19 20642 0.3% AS13495 -- NTT do Brasil Telecomunicaoes Ltda
10 - 211.175.148.0/24 19452 0.3% AS18306 -- MASANHANANET-AS-KR HANANET
11 - 203.63.26.0/24 18492 0.3% AS9747 -- EZINTERNET-AS-AP EZInternet Pty Ltd
12 - 124.7.244.0/24 18414 0.3% AS9583 -- SIFY-AS-IN Sify Limited
13 - 221.128.192.0/18 16449 0.2% AS18231 -- EXATT-AS-AP Exatt Technologies Private Ltd.
14 - 89.4.131.0/24 16287 0.2% AS24731 -- ASN-NESMA National Engineering Services and Marketing Company Ltd. (NESMA)
15 - 89.4.130.0/24 16179 0.2% AS24731 -- ASN-NESMA National Engineering Services and Marketing Company Ltd. (NESMA)
16 - 89.4.128.0/24 15684 0.2% AS24731 -- ASN-NESMA National Engineering Services and Marketing Company Ltd. (NESMA)
17 - 80.243.64.0/20 15607 0.2% AS21332 -- NTC-AS New Telephone Company
18 - 193.109.213.0/24 15011 0.2% AS21291 -- OMEGABANK 8 Dragatsaniou str
19 - 213.91.175.0/24 14475 0.2% AS8866 -- BTC-AS Bulgarian Telecommunication Company Plc.
20 - 193.33.184.0/23 13141 0.2% AS42787 -- MMIP-AS MultiMedia IP Ltd.
Details at http://bgpupdates.potaroo.net
------------------------------------
Copies of this report are mailed to:
nanog(a)merit.edu
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
This report has been generated at Fri Mar 28 21:14:33 2008 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date Prefixes CIDR Agg
21-03-08 261084 164253
22-03-08 259085 164458
23-03-08 259042 164446
24-03-08 259084 164765
25-03-08 259298 165409
26-03-08 259348 166083
27-03-08 259811 160215
28-03-08 254550 160603
AS Summary
27845 Number of ASes in routing system
11714 Number of ASes announcing only one prefix
1619 Largest number of prefixes announced by an AS
AS4755 : VSNL-AS Videsh Sanchar Nigam Ltd. Autonomous System
88497920 Largest address span announced by an AS (/32s)
AS721 : DISA-ASNBLK - DoD Network Information Center
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 28Mar08 ---
ASnum NetsNow NetsAggr NetGain % Gain Description
Table 254764 160681 94083 36.9% All ASes
AS9498 1129 71 1058 93.7% BBIL-AP BHARTI BT INTERNET
LTD.
AS4323 1391 384 1007 72.4% TWTC - Time Warner Telecom,
Inc.
AS4755 1619 612 1007 62.2% VSNL-AS Videsh Sanchar Nigam
Ltd. Autonomous System
AS22773 911 101 810 88.9% CCINET-2 - Cox Communications
Inc.
AS1785 1007 198 809 80.3% AS-PAETEC-NET - PaeTec
Communications, Inc.
AS18566 1046 245 801 76.6% COVAD - Covad Communications
Co.
AS11492 1218 455 763 62.6% CABLEONE - CABLE ONE
AS17488 1044 293 751 71.9% HATHWAY-NET-AP Hathway IP Over
Cable Internet
AS6389 958 259 699 73.0% BELLSOUTH-NET-BLK -
BellSouth.net Inc.
AS8151 1188 514 674 56.7% Uninet S.A. de C.V.
AS18101 673 67 606 90.0% RIL-IDC Reliance Infocom Ltd
Internet Data Centre,
AS6478 894 339 555 62.1% ATT-INTERNET3 - AT&T WorldNet
Services
AS2386 1403 868 535 38.1% INS-AS - AT&T Data
Communications Services
AS4134 859 375 484 56.3% CHINANET-BACKBONE
No.31,Jin-rong Street
AS6197 988 511 477 48.3% BATI-ATL - BellSouth Network
Solutions, Inc
AS4812 562 103 459 81.7% CHINANET-SH-AP China Telecom
(Group)
AS19916 555 99 456 82.2% ASTRUM-0001 - OLM LLC
AS4766 851 398 453 53.2% KIXS-AS-KR Korea Telecom
AS855 564 115 449 79.6% CANET-ASN-4 - Bell Aliant
AS7011 1082 637 445 41.1% FRONTIER-AND-CITIZENS -
Frontier Communications of
America, Inc.
AS17676 509 66 443 87.0% GIGAINFRA BB TECHNOLOGY Corp.
AS8103 555 113 442 79.6% STATE-OF-FLA - Florida
Department of Management
Services - Technology Program
AS7018 1449 1025 424 29.3% ATT-INTERNET4 - AT&T WorldNet
Services
AS3356 830 416 414 49.9% LEVEL3 Level 3 Communications
AS6198 688 299 389 56.5% BATI-MIA - BellSouth Network
Solutions, Inc
AS19262 892 509 383 42.9% VZGNI-TRANSIT - Verizon
Internet Services Inc.
AS5668 678 299 379 55.9% AS-5668 - CenturyTel Internet
Holdings, Inc.
AS6140 607 229 378 62.3% IMPSAT-USA - ImpSat USA, Inc.
AS9443 453 77 376 83.0% INTERNETPRIMUS-AS-AP Primus
Telecommunications
AS3602 453 80 373 82.3% AS3602-RTI - Rogers Telecom
Inc.
Total 27056 9757 17299 63.9% Top 30 total
Possible Bogus Routes
24.38.0.0/17 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
24.48.0.0/13 AS19548 ADELPHIA-AS2 - Road Runner HoldCo LLC
24.51.159.0/24 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
24.54.224.0/19 AS20001 ROADRUNNER-WEST - Road Runner HoldCo LLC
24.75.160.0/19 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
24.75.192.0/18 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
24.142.40.0/21 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
24.142.160.0/19 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
24.246.0.0/17 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
24.246.128.0/18 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
62.61.220.0/24 AS24974 TACHYON-EU Tachyon Europe BV - Wireless Broadband via Satellite
63.140.213.0/24 AS22555 UTC - Universal Talkware Corporation
63.141.42.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
63.143.71.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
63.143.115.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
63.248.0.0/16 AS3356 LEVEL3 Level 3 Communications
64.5.64.0/22 AS7228 MCLEOD - McLeod, Inc.
64.5.68.0/24 AS7228 MCLEOD - McLeod, Inc.
64.5.69.0/24 AS7228 MCLEOD - McLeod, Inc.
64.5.70.0/23 AS7228 MCLEOD - McLeod, Inc.
64.5.72.0/24 AS7228 MCLEOD - McLeod, Inc.
64.5.73.0/24 AS7228 MCLEOD - McLeod, Inc.
64.5.74.0/23 AS7228 MCLEOD - McLeod, Inc.
64.5.76.0/22 AS7228 MCLEOD - McLeod, Inc.
64.5.80.0/20 AS7228 MCLEOD - McLeod, Inc.
64.5.96.0/22 AS7228 MCLEOD - McLeod, Inc.
64.5.100.0/23 AS7228 MCLEOD - McLeod, Inc.
64.5.102.0/24 AS7228 MCLEOD - McLeod, Inc.
64.5.103.0/24 AS7228 MCLEOD - McLeod, Inc.
64.5.104.0/21 AS7228 MCLEOD - McLeod, Inc.
64.5.112.0/20 AS7228 MCLEOD - McLeod, Inc.
64.7.112.0/21 AS6453 GLOBEINTERNET Teleglobe America Inc.
64.7.120.0/21 AS6453 GLOBEINTERNET Teleglobe America Inc.
64.50.128.0/18 AS4565 MEGAPATH2-US - MegaPath Networks Inc.
64.64.159.0/24 AS32004 BIG-ASN - Business Information Group, Inc.
64.144.0.0/15 AS4565 MEGAPATH2-US - MegaPath Networks Inc.
64.188.0.0/16 AS3356 LEVEL3 Level 3 Communications
65.36.8.0/24 AS5696
65.36.9.0/24 AS5696
65.36.33.0/24 AS5696
65.36.52.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
66.6.34.0/24 AS14935 MONTICELLO - Monticello Networks, Inc.
66.11.32.0/20 AS6261 VISINET - Visionary Systems, Inc.
66.11.40.0/21 AS6261 VISINET - Visionary Systems, Inc.
66.54.91.0/24 AS30506 BLACKSUN-1 - Blacksun Technologies LLC
66.55.160.0/19 AS29994
66.64.96.0/20 AS3790 RADIGRAFICA COSTARRICENSE
66.180.239.0/24 AS35888 VIGNETTE - VIGNETTE CORPORATION
66.199.32.0/20 AS10397 WISP-AS - Wispnet, LLC
66.206.32.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.33.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.34.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.35.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.40.0/22 AS174 COGENT Cogent/PSI
66.206.44.0/23 AS174 COGENT Cogent/PSI
66.206.47.0/24 AS17557 PKTELECOM-AS-AP Pakistan Telecom
66.207.32.0/20 AS23011
66.219.192.0/18 AS5048 FIBER - FIBERNET Corp.
67.20.0.0/14 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
67.22.64.0/21 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
68.64.0.0/13 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
68.64.58.0/24 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
68.67.124.0/22 AS19548 ADELPHIA-AS2 - Road Runner HoldCo LLC
68.168.0.0/14 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
68.232.0.0/14 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
69.71.192.0/20 AS13818 PHX-INTL-TELEPORT - Phoenix International Teleport
69.80.0.0/17 AS3043 AMPHIB-AS - Amphibian Media Corporation
69.160.0.0/12 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
69.167.176.0/20 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
69.169.0.0/17 AS20001 ROADRUNNER-WEST - Road Runner HoldCo LLC
70.32.0.0/13 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
70.36.0.0/20 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
70.37.212.0/22 AS7843 ADELPHIA-AS - Road Runner HoldCo LLC
70.38.0.0/16 AS19548 ADELPHIA-AS2 - Road Runner HoldCo LLC
70.40.0.0/16 AS19548 ADELPHIA-AS2 - Road Runner HoldCo LLC
80.88.0.0/21 AS33774 DJAWEB
80.88.8.0/22 AS33774 DJAWEB
80.88.10.0/24 AS33774 DJAWEB
80.88.11.0/24 AS33774 DJAWEB
80.88.12.0/24 AS33779 wataniya-telecom-as
93.88.240.0/20 AS29222 INFOMANIAK-AS Infomaniak Network SA
95.192.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
95.255.248.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
137.0.0.0/13 AS721 DISA-ASNBLK - DoD Network Information Center
151.135.0.0/16 AS4768 CLIX-NZ TelstraClear Ltd
159.3.211.0/24 AS2687 ASATTCA AT&T Global Network Services - AP
163.142.0.0/16 AS2500 WIDE-BB WIDE Project
166.63.0.0/16 AS33775 NITEL-AS
172.10.1.0/30 AS18305 POSNET POSDATA Co.,Ltd
192.9.200.0/24 AS3602 AS3602-RTI - Rogers Telecom Inc.
192.30.93.0/24 AS17757 HPAUS-AP HP Australia
192.30.94.0/24 AS17757 HPAUS-AP HP Australia
192.40.105.0/24 AS12582 TSF-DATANET-NGD-AS TSF MPLS VPN Services
192.69.107.0/24 AS5515 TS-FINLAND-DATANET-OLD TS Finland DataNet
192.69.108.0/24 AS5515 TS-FINLAND-DATANET-OLD TS Finland DataNet
192.69.177.0/24 AS5515 TS-FINLAND-DATANET-OLD TS Finland DataNet
192.70.164.0/24 AS25689 NRCNET-AS - National Research Council of Canada
192.96.36.0/24 AS5713 SAIX-NET
192.96.37.0/24 AS10474 NETACTIVE
192.96.135.0/24 AS2018 TENET-1
192.96.136.0/23 AS2018 TENET-1
192.96.143.0/24 AS2018 TENET-1
192.96.145.0/24 AS2018 TENET-1
192.96.177.0/24 AS6083 POSIX-AFRICA
192.101.45.0/24 AS2905 TICSA-ASN
192.101.46.0/24 AS6503 Avantel, S.A.
192.101.47.0/24 AS6503 Avantel, S.A.
192.101.64.0/21 AS702 AS702 Verizon Business EMEA - Commercial IP service provider in Europe
192.101.67.0/24 AS21775
192.101.70.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
192.101.71.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
192.101.72.0/24 AS702 AS702 Verizon Business EMEA - Commercial IP service provider in Europe
192.101.73.0/24 AS4765 WORLDNET-AS World Net & Services Co., Ltd.
192.101.74.0/24 AS1239 SPRINTLINK - Sprint
192.122.212.0/24 AS209 ASN-QWEST - Qwest
192.124.252.0/22 AS680 DFN-IP Service G-WiN
192.131.233.0/24 AS7891 BELLSOUTH-NET-BLK2 - Bellsouth.Net
192.133.6.0/24 AS10282 EQUANT-CEEUR EQUANT AS for Central and Eastern Europe region
192.145.251.0/24 AS10026 ANC Asia Netcom Corporation
192.153.144.0/21 AS721 DISA-ASNBLK - DoD Network Information Center
192.188.208.0/20 AS721 DISA-ASNBLK - DoD Network Information Center
193.200.114.0/23 AS31530 SERVERCREW-AS Servercrew LTD Autonomes System
194.31.227.0/24 AS21461 TRANSFAIRNET Transfair-net GmbH Krefeld
194.246.72.0/23 AS8893 ARTFILES-AS Artfiles New Media GmbH
196.6.108.0/24 AS5713 SAIX-NET
196.10.119.0/24 AS2018 TENET-1
196.10.122.0/23 AS2018 TENET-1
196.10.251.0/24 AS2018 TENET-1
196.10.252.0/23 AS2018 TENET-1
196.10.254.0/24 AS2018 TENET-1
196.13.101.0/24 AS2018 TENET-1
196.13.102.0/23 AS2018 TENET-1
196.13.104.0/24 AS2018 TENET-1
196.13.121.0/24 AS2018 TENET-1
196.13.125.0/24 AS2018 TENET-1
196.13.126.0/24 AS2018 TENET-1
196.13.169.0/24 AS2018 TENET-1
196.13.174.0/23 AS2018 TENET-1
196.13.176.0/21 AS2018 TENET-1
196.13.192.0/22 AS2018 TENET-1
196.13.196.0/24 AS2018 TENET-1
196.216.132.0/24 AS9207 AS9207 Taide - Kenya POP
196.216.134.0/24 AS9207 AS9207 Taide - Kenya POP
198.23.26.0/24 AS4390 BELLATLANTIC-COM - Bell Atlantic, Inc.
198.54.82.0/24 AS2018 TENET-1
198.54.92.0/24 AS2018 TENET-1
198.54.222.0/24 AS2018 TENET-1
198.97.72.0/21 AS721 DISA-ASNBLK - DoD Network Information Center
198.97.80.0/20 AS721 DISA-ASNBLK - DoD Network Information Center
198.97.96.0/19 AS721 DISA-ASNBLK - DoD Network Information Center
198.97.240.0/20 AS721 DISA-ASNBLK - DoD Network Information Center
198.144.96.0/20 AS12185
198.161.87.0/24 AS6539 GT-BELL - Bell Canada
198.167.0.0/16 AS7456 INTERHOP - Interhop Network SERVICES Inc.
198.168.0.0/16 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
198.169.0.0/16 AS803 SASKTEL - SaskTel
198.180.198.0/24 AS23715 SEOUL-INTGW-GXS-AP Global Exchange Services
199.9.128.0/17 AS668 ASN-ASNET-NET-AS - Defense Research and Engineering Network
199.10.0.0/16 AS721 DISA-ASNBLK - DoD Network Information Center
199.114.0.0/21 AS721 DISA-ASNBLK - DoD Network Information Center
199.114.128.0/18 AS721 DISA-ASNBLK - DoD Network Information Center
199.114.130.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.131.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.132.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.134.0/24 AS3541 ITSDN-U4 - DoD Network Information Center
199.114.136.0/24 AS27044 DDN-ASNBLK1 - DoD Network Information Center
199.114.138.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.140.0/24 AS3544 ITSDN-U7 - DoD Network Information Center
199.114.142.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.144.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.148.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.150.0/24 AS6045 DDN-ASNBLK - DoD Network Information Center
199.114.152.0/24 AS27033 DDN-ASNBLK1 - DoD Network Information Center
199.114.153.0/24 AS27034 DDN-ASNBLK1 - DoD Network Information Center
199.114.154.0/24 AS1733 CENTAF-SWA - AF DDN PMO
199.114.156.0/24 AS1733 CENTAF-SWA - AF DDN PMO
199.114.160.0/24 AS1733 CENTAF-SWA - AF DDN PMO
199.121.0.0/16 AS721 DISA-ASNBLK - DoD Network Information Center
199.123.0.0/18 AS721 DISA-ASNBLK - DoD Network Information Center
199.123.16.0/20 AS721 DISA-ASNBLK - DoD Network Information Center
199.123.80.0/21 AS721 DISA-ASNBLK - DoD Network Information Center
199.189.32.0/19 AS7332 IQUEST-AS - IQuest Internet
199.202.0.0/16 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
199.246.116.0/24 AS813 UUNET-CANADA - MCI Communications Services, Inc. d/b/a Verizon Business
202.45.132.0/22 AS24314
202.58.113.0/24 AS19161 INNOCOM-TELECOM - INNOCOM TELECOM
202.73.144.0/20 AS4788 TMNET-AS-AP TM Net, Internet Service Provider
202.86.252.0/22 AS4748 RESOLINK-AS-AP Resources Link Network Limited
202.86.253.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications
202.86.254.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications
202.86.255.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications
202.90.33.0/24 AS9830 SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS
202.90.40.0/24 AS9830 SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS
202.90.41.0/24 AS9830 SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS
202.90.42.0/24 AS9830 SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS
202.90.43.0/24 AS9830 SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS
202.90.44.0/24 AS9830 SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS
202.94.1.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.94.70.0/24 AS9837 POWERTEL-AP Powertel Ltd
202.124.195.0/24 AS17557 PKTELECOM-AS-AP Pakistan Telecom
202.124.207.0/24 AS17911 BRAINPK-AS-AP Brain Telecommunication Ltd.
202.136.254.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.136.255.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.164.100.0/24 AS18101 RIL-IDC Reliance Infocom Ltd Internet Data Centre,
202.181.32.0/24 AS4645 ASN-HKNET-AP HKNet Co. Ltd
203.2.128.0/17 AS17175 NSS-UK New Skies Satellites UK AS
203.12.45.0/24 AS4854 NETSPACE-AS-AP Netspace Online Systems
203.62.0.0/17 AS7575 AARNET-AS-AP Australian Academic and Reasearch Network (AARNet)
203.78.48.0/20 AS9299 IPG-AS-AP Philippine Long Distance Telephone Company
203.89.139.0/24 AS17911 BRAINPK-AS-AP Brain Telecommunication Ltd.
203.111.192.0/20 AS7473 SINGTEL-AS-AP Singapore Telecom
203.112.97.0/24 AS9942 COMINDICO-AP SOUL Converged Communications Australia
203.112.111.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.113.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.114.0/24 AS4802 ASN-IINET iiNet Limited
203.112.116.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.117.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.118.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.119.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.120.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.121.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.127.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.128.128.0/19 AS4134 CHINANET-BACKBONE No.31,Jin-rong Street
203.128.128.0/24 AS23849 CNNIC-NET263-AP Beijing Capital-online science development Co.,Ltd.
203.152.136.0/23 AS23649 NEWSKIES-AS-AP New Skies Satellites, Hong Kong Teleport
203.152.138.0/23 AS23649 NEWSKIES-AS-AP New Skies Satellites, Hong Kong Teleport
203.152.142.0/24 AS23649 NEWSKIES-AS-AP New Skies Satellites, Hong Kong Teleport
203.152.143.0/24 AS23649 NEWSKIES-AS-AP New Skies Satellites, Hong Kong Teleport
203.160.110.0/23 AS7643 VNN-AS-AP Vietnam Posts and Telecommunications (VNPT)
204.9.216.0/23 AS7893 BELLSOUTH-NET-BLK2 - Bellsouth.Net
204.9.217.0/24 AS4323 TWTC - Time Warner Telecom, Inc.
204.9.218.0/23 AS7893 BELLSOUTH-NET-BLK2 - Bellsouth.Net
204.13.140.0/22 AS7270 NET2PHONE - Net2Phone Corp.
204.16.120.0/23 AS12077
204.16.122.0/23 AS12077
204.19.14.0/23 AS577 BACOM - Bell Canada
204.29.196.0/24 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
204.29.197.0/24 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
204.48.58.0/24 AS4323 TWTC - Time Warner Telecom, Inc.
204.48.60.0/24 AS4323 TWTC - Time Warner Telecom, Inc.
204.154.125.0/24 AS3952 TELLABS-ASN - TELLABS Operations, Inc.
204.154.126.0/24 AS3952 TELLABS-ASN - TELLABS Operations, Inc.
204.154.127.0/24 AS3952 TELLABS-ASN - TELLABS Operations, Inc.
205.150.0.0/15 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
206.28.176.0/21 AS1273 CW Cable and Wireless plc
206.162.224.0/19 AS23464 ILCSNET - Interlink Computer Services
206.180.240.0/20 AS12083 KNOLOGY-NET - Knology Holdings
206.220.240.0/24 AS10764 STARTAP - National Center for Supercomputing Applications
206.220.240.64/26 AS22335 MREN - Metropolitan Research and Education Network
206.220.240.128/25 AS10764 STARTAP - National Center for Supercomputing Applications
206.220.240.160/30 AS10764 STARTAP - National Center for Supercomputing Applications
206.220.240.220/32 AS10764 STARTAP - National Center for Supercomputing Applications
206.220.241.0/24 AS10764 STARTAP - National Center for Supercomputing Applications
207.98.192.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
207.98.209.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
207.98.223.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
207.191.128.0/19 AS10887 BPSI-AS - BPSI Internet Services
207.204.168.0/24 AS15150 BELLTECH-AS - BELLWETHER TECHNOLOGY CORPORATION
207.204.222.0/24 AS22773 CCINET-2 - Cox Communications Inc.
207.204.248.0/24 AS6653 PRIVATEI - privateI, LLC
207.231.96.0/19 AS11194 NUNETPA - NuNet Inc.
207.254.192.0/19 AS11881
208.38.192.0/18 AS3043 AMPHIB-AS - Amphibian Media Corporation
208.38.192.0/21 AS14237 BEAMSPEED1 - Beamspeed
208.38.200.0/23 AS14237 BEAMSPEED1 - Beamspeed
208.38.202.0/24 AS14237 BEAMSPEED1 - Beamspeed
208.38.203.0/24 AS14237 BEAMSPEED1 - Beamspeed
208.38.204.0/22 AS14237 BEAMSPEED1 - Beamspeed
209.54.42.0/24 AS6653 PRIVATEI - privateI, LLC
209.54.93.0/24 AS22773 CCINET-2 - Cox Communications Inc.
209.54.111.0/24 AS22773 CCINET-2 - Cox Communications Inc.
209.54.123.0/24 AS6062 NETPLEX - NETPLEX
209.54.142.0/24 AS12284 IPNS-AS - Internet Professionals & Network Solutions
209.54.240.0/21 AS10887 BPSI-AS - BPSI Internet Services
209.105.224.0/19 AS20074
209.140.64.0/20 AS22307 SINGLEEDGE-AS - SingleEdge, Inc.
209.140.90.0/24 AS14461 NTSL - NET SOLUTIONS
209.140.224.0/21 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.140.234.0/24 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.140.235.0/24 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.140.236.0/24 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.140.237.0/24 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.140.238.0/24 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.140.239.0/24 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.141.4.0/24 AS6653 PRIVATEI - privateI, LLC
209.141.16.0/21 AS10573 WEBNEXUS - WebNexus Communications Inc.
209.141.48.0/22 AS14461 NTSL - NET SOLUTIONS
209.141.104.0/24 AS6653 PRIVATEI - privateI, LLC
209.145.192.0/18 AS3043 AMPHIB-AS - Amphibian Media Corporation
209.145.204.0/22 AS14237 BEAMSPEED1 - Beamspeed
209.207.24.0/24 AS21829 JADETECH-NET - Jade Technologies, Inc.
209.207.36.0/24 AS21829 JADETECH-NET - Jade Technologies, Inc.
210.5.128.0/20 AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone
213.150.192.0/21 AS29571 CITelecom-AS
213.150.200.0/22 AS29571 CITelecom-AS
213.150.201.0/24 AS29338 AFOL-AS Used by Africaonline Operations
213.150.202.0/24 AS41042 SKYVISION SkyVision Network Services
216.37.114.0/23 AS3549 GBLX Global Crossing Ltd.
216.37.120.0/23 AS13377
216.59.0.0/17 AS3356 LEVEL3 Level 3 Communications
216.99.16.0/24 AS6395 LVLT-6395 - Level 3 Communications, Inc.
216.99.17.0/24 AS6395 LVLT-6395 - Level 3 Communications, Inc.
216.99.20.0/24 AS6395 LVLT-6395 - Level 3 Communications, Inc.
216.119.128.0/24 AS14345 CRESCENT-TECH - Crescent Technology
216.119.131.0/24 AS14345 CRESCENT-TECH - Crescent Technology
216.119.141.0/24 AS14345 CRESCENT-TECH - Crescent Technology
216.162.96.0/19 AS7393 CYBERCON - CYBERCON, INC.
216.172.198.0/24 AS22773 CCINET-2 - Cox Communications Inc.
216.172.199.0/24 AS22773 CCINET-2 - Cox Communications Inc.
216.210.86.0/24 AS577 BACOM - Bell Canada
216.240.240.0/24 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
216.240.241.0/24 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
216.240.242.0/24 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
216.251.207.0/24 AS1239 SPRINTLINK - Sprint
217.78.71.0/24 AS12491 IPPLANET-AS IPPlanet
217.78.72.0/24 AS12491 IPPLANET-AS IPPlanet
217.78.73.0/24 AS12491 IPPLANET-AS IPPlanet
Please see http://www.cidr-report.org for the full report
------------------------------------
Copies of this report are mailed to:
nanog(a)merit.edu
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
We're seeing some persistent routing issues with AOL UK customers, it looks
like the issue is somewhere inside of ATDN, and it's definitely affecting
204.11.244.0/22 to the point that no AOL UK customers can apparently reach
that network at all. If an AOL engineer is on list or someone can
clue-by-four someone over there that'd be great. I've tried with
absolutely 0 success at getting past the front lines of AOL and ATDN's
various contact points. noc(a)aol.net appears to be an alias for /dev/null.
--
"Genius might be described as a supreme capacity for getting its possessors
into trouble of all kinds."
-- Samuel Butler
1
0
27 Mar '08
Folks,
We're planning to end of life collection of 'sh ip bgp'
RIBs from route-views.routeviews.org. We will of course
keep the data we have.
Please let us know if you are still using these data.
Thanks,
Dave
3
4
Hello. I looked through the recent archives and didn't see this
question addressed, so please excuse me if it has been beaten to death
or is considered off-topic.
We have a UUnet link and a secondary provider. The secondary provider
has no IPv6 facilities. UUnet (er, Verizon Business) has IPv6 clue, but
there is an impenetrable wall between the customer and the clue which
assures that there will be no IPv6 links or tunnels ever given to customers.
We would like to get an IPv6 tunnel to begin limited testing of IPv6 for
customers. Is there any IPv6-savvy ISP out there who will give/sell
tunnels to other ISPs?
Experimentation with SixXS.NET has proven to be problematic, so I'd
rather have a more stable and commercial relationship if possible.
As you might guess, our IPv6 traffic load is estimated to be between
"zero" and "unmeasurably small," but we'd still like to have it hover
above the absolute zero mark.
Any help/pointers/advice/proposals gratefully solicited.
jms
--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One Phone: +1 520 324 0494
jms(a)Opus1.COM http://www.opus1.com/jms
8
8
Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS
by Cisco Systems Product Security Incident Response Team 26 Mar '08
by Cisco Systems Product Security Incident Response Team 26 Mar '08
26 Mar '08
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple DLSw Denial of Service
Vulnerabilities in Cisco IOS
Advisory ID: cisco-sa-20080326-dlsw
http://www.cisco.com/warp/public/707/cisco-sa-20080326-dlsw.shtml
Revision 1.0
For Public Release 2008 March 26 1600 UTC (GMT)
Summary
=======
Cisco IOS contains multiple vulnerabilities in the Data-link
Switching (DLSw) feature that may result in a reload or memory leaks
when processing specially crafted UDP or IP Protocol 91 packets.
Cisco has released free software updates that address these
vulnerabilities. Workarounds are available to mitigate the effects of
these vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20080326-dlsw.shtml
Note: The March 26, 2008 publication includes five Security
Advisories. The Advisories all affect Cisco's Internetwork Operating
System (IOS). Each Advisory lists the releases that correct the
vulnerability described in the Advisory, and the Advisories also
detail the releases that correct the vulnerabilities in all five
Advisories. Please reference the following software table to find a
release which fixes all published Security Advisories as of March
26th, 2008.
* March 26th bundled IOS Advisory Table
http://www.cisco.com/warp/public/707/cisco-sa-20080326-bundle.shtml
Individual publication links are listed below:
* Cisco IOS Virtual Private Dial-up Network Denial of Service
Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20080326-pptp.shtml
* Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS
http://www.cisco.com/warp/public/707/cisco-sa-20080326-dlsw.shtml
* Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6
Dual-stack Routers
http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml
* Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor
32, Supervisor 720, or Route Switch Processor 720
http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml
* Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak
http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml
Affected Products
=================
Vulnerable Products
+------------------
This security advisory applies to all Cisco products that run any
version of affected Cisco IOS software configured for DLSw. Systems
that contain the DLSw feature, but do not have it enabled, are not
affected.
Routers enabled for DLSw contain a line in the configuration defining
a local DLSw peer. This configuration can be observed by issuing the
command "show running-config". Systems configured for DLSw contain
lines similar to the following:
"dlsw local-peer"
or
"dlsw local-peer peer-id <IP address>"
Any version of Cisco IOS prior to the versions which are listed in
the Software Versions and Fixes section below is vulnerable.
To determine the version of Cisco IOS software running on a Cisco
product, log in to the device and issue the show version command to
display the system banner. Cisco IOS Software will identify itself as
"Internetwork Operating System Software" or simply "IOS". On the next
line of output, the image name will be displayed between parentheses,
followed by "Version" and the IOS release name. Other Cisco devices
will not have the "show version" command or will give different
output.
The following example identifies a Cisco product running Cisco IOS
Software Release 12.3(6) with an installed image name of C3640-IS-M:
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3640-IS-M), Version 12.3(6), RELEASE SOFTWARE (fc3)
The next example shows a product running Cisco IOS Software Release
12.3(11)T3 with an image name of C3845-ADVIPSERVICESK9-M:
Cisco IOS Software, 3800 Software (C3845-ADVIPSERVICESK9-M), Version 12.3(11)T3, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Additional information about Cisco IOS release naming can be found at
http://www.cisco.com/warp/public/620/1.html.
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS devices that are not configured for DLSw are not
vulnerable.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
Data-link switching (DLSw) provides a means of transporting IBM
Systems Network Architecture (SNA) and network basic input/output
system (NetBIOS) traffic over an IP network. Cisco implementation of
DLSw also uses UDP port 2067 and IP Protocol 91 for Fast Sequenced
Transport (FST).
Multiple vulnerabilities exists in Cisco IOS when processing UDP and
IP protocol 91 packets. These vulnerabilities do not affect TCP
packet processing. A successful exploitation may result in a reload
of the system or a memory leak on the device, leading to a denial of
service (DoS) condition.
Cisco IOS devices configured for DLSw with "dlsw local-peer"
automatically listen for IP protocol 91 packets. A Cisco IOS device
that is configured for DLSw with the "dlsw local-peer peer-id
<IP-address>" command listen for IP protocol 91 packets and UDP port
2067.
Cisco IOS devices listen to IP protocol 91 packets when DLSw is
configured. However, it is only used if DLSw is configured for Fast
Sequenced Transport (FST). A DLSw FST peer configuration will contain
the following line:
"dlsw remote-peer 0 fst <ip-address>"
It is possible to disable UDP processing in DLSw with the "dlsw
udp-disable" command. However, disabling UDP only prevents the
sending of UDP packets, it does not prevent the device from receiving
and processing incoming UDP packets.
These vulnerabilities are documented in Cisco Bug ID CSCsk73104
and have been assigned Common Vulnerabilities and Exposures (CVE) ID
CVE-2008-1152.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
CSCsk73104 - Handling of malformed packets by DLSW
CVSS Base Score - 7.8
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Complete
CVSS Temporal Score - 6.4
Exploitability: Functional
Remediation Level: Official-Fix
Report Confidence: Confirmed
Impact
======
Successful exploitation of these vulnerabilities may result in the
reload of the device or memory leaks, leading to a DoS condition.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Each row of the Cisco IOS software table (below) names a Cisco IOS
release train. If a given release train is vulnerable, then the
earliest possible releases that contain the fix (along with the
anticipated date of availability for each, if applicable) are listed
in the "First Fixed Release" column of the table. The "Recommended
Release" column indicates the releases which have fixes for all the
published vulnerabilities at the time of this Advisory. A device
running a release in the given train that is earlier than the release
in a specific column (less than the First Fixed Release) is known to
be vulnerable. Cisco recommends upgrading to a release equal to or
later than the release in the "Recommended Releases" column of the
table.
+----------------------------------------+
| Major | Availability of Repaired |
| Release | Releases |
|------------+---------------------------|
| Affected | First Fixed | Recommended |
| 12.0-Based | Release | Release |
| Releases | | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0 | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.0(8)DA3 | |
| | are | |
| | vulnerable, | |
| | release | |
| 12.0DA | 12.0(8)DA3 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | migrate to | |
| | any release | |
| | in 12.2DA | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.0(7)DB | |
| | are | |
| | vulnerable, | |
| 12.0DB | release | 12.4(18a) |
| | 12.0(7)DB | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.4 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.0(7)DC | |
| | are | |
| | vulnerable, | |
| 12.0DC | release | 12.4(18a) |
| | 12.0(7)DC | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.4 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.0(17)S5 | |
| | are | |
| 12.0S | vulnerable, | 12.0(32)S10 |
| | release | |
| | 12.0(17)S5 | |
| | and later | |
| | are not | |
| | vulnerable; | |
|------------+-------------+-------------|
| 12.0SC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0SL | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0SP | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0ST | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0SX | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0SY | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0SZ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0T | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.0W | Vulnerable; | 12.0(3c)W5 |
| | contact TAC | (8) |
|------------+-------------+-------------|
| 12.0WC | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| 12.0WT | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XA | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.0XB | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.0(2)XC2 | |
| | are | |
| | vulnerable, | |
| 12.0XC | release | 12.3(26) |
| | 12.0(2)XC2 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XD | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XE | first fixed | |
| | in 12.1E | |
|------------+-------------+-------------|
| 12.0XF | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XG | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XH | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.0(4)XI2 | |
| | are | |
| | vulnerable, | |
| 12.0XI | release | 12.3(26) |
| | 12.0(4)XI2 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.0(4)XJ5 | |
| | are | |
| | vulnerable, | |
| 12.0XJ | release | 12.3(26) |
| | 12.0(4)XJ5 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XK | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.0XL | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0XM | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XN | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XQ | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.0XR | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.0XS | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0XV | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.0XW | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| Affected | First Fixed | Recommended |
| 12.1-Based | Release | Release |
| Releases | | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1 | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1AA | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1AX | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.1(22)AY1 | |
| | are | |
| 12.1AY | vulnerable, | 12.1(22) |
| | release | EA11 |
| | 12.1(22)AY1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
|------------+-------------+-------------|
| 12.1AZ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1CX | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1DA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.1(4)DB1 | |
| | are | |
| | vulnerable, | |
| 12.1DB | release | 12.4(18a) |
| | 12.1(4)DB1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.4 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.1(4)DC2 | |
| | are | |
| | vulnerable, | |
| 12.1DC | release | 12.4(18a) |
| | 12.1(4)DC2 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.1E | 12.1(27b)E4 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.1(11)EA1 | |
| | are | |
| 12.1EA | vulnerable, | 12.1(22) |
| | release | EA11 |
| | 12.1(11)EA1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
|------------+-------------+-------------|
| 12.1EB | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1EC | migrate to | 12.3(23)BC1 |
| | any release | |
| | in 12.2BC | |
|------------+-------------+-------------|
| 12.1EO | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1EU | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1EV | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1EW | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1EX | first fixed | |
| | in 12.1E | |
|------------+-------------+-------------|
| 12.1EY | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1EZ | first fixed | |
| | in 12.1E | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1GA | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1GB | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1T | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XA | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1XB | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XC | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XD | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1XE | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1XF | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XG | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XH | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XI | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XJ | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1XK | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1XL | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XM | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1XN | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1XO | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XP | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XQ | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1XR | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XS | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.1(3)XT2 | |
| | are | |
| | vulnerable, | |
| 12.1XT | release | 12.3(26) |
| | 12.1(3)XT2 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1XU | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.1(5)XV1 | |
| | are | |
| | vulnerable, | |
| 12.1XV | release | 12.3(26) |
| | 12.1(5)XV1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XW | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XX | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XY | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1XZ | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1YA | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1YB | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1YC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1YD | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.1(5)YE1 | |
| | are | |
| | vulnerable, | |
| 12.1YE | release | 12.3(26) |
| | 12.1(5)YE1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1YF | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1YG | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.1YH | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.1YI | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.1YJ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| Affected | First Fixed | Recommended |
| 12.2-Based | Release | Release |
| Releases | | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2 | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2B | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.2BC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2BW | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2BY | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.2BZ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2CX | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2CY | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2CZ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2DA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2DD | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2DX | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.2EU | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2EW | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2EWA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2EX | migrate to | 12.2(40)EX1 |
| | any release | |
| | in 12.2SEA | |
|------------+-------------+-------------|
| 12.2EY | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2EZ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2FX | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2FY | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2FZ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2IXA | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| 12.2IXB | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| 12.2IXC | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| 12.2IXD | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| | migrate to | IXF; |
| 12.2IXE | any release | Available |
| | in 12.2IXF | on |
| | | 31-MAR-08 |
|------------+-------------+-------------|
| 12.2JA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2JK | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2MB | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2MC | 12.2(15) | 12.4(18a) |
| | MC2h | |
|------------+-------------+-------------|
| 12.2S | 12.2(25)S15 | 12.2(25)S15 |
|------------+-------------+-------------|
| | 12.2(28) | |
| | SB10 | |
| | | |
| | 12.2(31)SB9 | 12.2(28) |
| 12.2SB | | SB12 |
| | 12.2(33)SB; | |
| | Available | |
| | on | |
| | 31-MAR-08 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| | first fixed | |
| | in 12.2SB | |
| | | |
| 12.2SBC | Vulnerable; | 12.2(28) |
| | first fixed | SB12 |
| | in 12.2SB; | |
| | Available | |
| | on | |
| | 31-MAR-08 | |
|------------+-------------+-------------|
| 12.2SCA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SE | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SEA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SEB | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SEC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SED | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SEE | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SEF | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SEG | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SG | 12.2(44)SG | 12.2(44)SG |
|------------+-------------+-------------|
| 12.2SGA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SL | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SM | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SO | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SRA | 12.2(33) | 12.2(33) |
| | SRA6 | SRA7 |
|------------+-------------+-------------|
| | 12.2(33) | 12.2(33) |
| | SRB3; | SRB3; |
| 12.2SRB | Available | Available |
| | on | on |
| | 31-MAR-08 | 31-MAR-08 |
|------------+-------------+-------------|
| 12.2SRC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2SU | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.2(29a) | |
| | SV1 are | |
| | vulnerable, | |
| | release | |
| 12.2SV | 12.2(29a) | 12.2(29b)SV |
| | SV1 and | |
| | later are | |
| | not | |
| | vulnerable; | |
| | migrate to | |
| | any release | |
| | in 12.2SVA | |
|------------+-------------+-------------|
| 12.2SVA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SVC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2SVD | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.2(25) | |
| | SW10 are | |
| | vulnerable, | |
| 12.2SW | release | |
| | 12.2(25) | |
| | SW10 and | |
| | later are | |
| | not | |
| | vulnerable; | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2SX | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2SXA | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2SXB | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2SXD | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2SXE | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| | 12.2(18) | |
| | SXF12 | |
| | | |
| 12.2SXF | 12.2(18) | 12.2(18) |
| | SXF12a | SXF13 |
| | | |
| | 12.2(18) | |
| | SXF13a | |
|------------+-------------+-------------|
| 12.2SXH | 12.2(33) | |
| | SXH1 | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2SY | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| | | 12.2(25)S15 |
| | Vulnerable; | |
| 12.2SZ | first fixed | 12.2(28) |
| | in 12.2S | SB12 |
| | | |
| | | 12.2(33)SRC |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2T | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.2TPC | 12.2(8) | |
| | TPC10d | |
|------------+-------------+-------------|
| 12.2UZ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XA | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XB | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XC | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XD | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.2XE | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2XF | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XG | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XH | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.2XI | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XJ | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XK | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XL | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XM | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.2XN | 12.2(33)XN1 | 12.3(26) |
|------------+-------------+-------------|
| 12.2XO | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XQ | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.2XR | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2XS | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XT | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XU | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XV | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2XW | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.2(4)YA8 | |
| | are | |
| | vulnerable, | |
| 12.2YA | release | 12.3(26) |
| | 12.2(4)YA8 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YB | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YC | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YD | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | | 12.2(25)S15 |
| | Vulnerable; | |
| 12.2YE | first fixed | 12.2(28) |
| | in 12.2S | SB12 |
| | | |
| | | 12.2(33)SRC |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YF | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.2YG | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YH | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.2(8)YJ1 | |
| | are | |
| | vulnerable, | |
| 12.2YJ | release | 12.3(26) |
| | 12.2(8)YJ1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.3 | |
|------------+-------------+-------------|
| 12.2YK | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YL | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YM | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YN | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2YO | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| 12.2YP | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2YQ | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2YR | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2YS | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YT | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YU | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.2(11)YV1 | |
| | are | |
| | vulnerable, | |
| 12.2YV | release | 12.4(18a) |
| | 12.2(11)YV1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YW | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YX | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2YY | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | | 12.2(25)S15 |
| | Vulnerable; | |
| 12.2YZ | first fixed | 12.2(28) |
| | in 12.2S | SB12 |
| | | |
| | | 12.2(33)SRC |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(18) |
| 12.2ZA | first fixed | SXF13 |
| | in 12.2SXF | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2ZB | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.2ZC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.2ZD | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2ZE | first fixed | 12.3(26) |
| | in 12.3 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2ZF | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.2ZG | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.2(13)ZH6 | |
| | are | |
| | vulnerable, | |
| 12.2ZH | release | 12.2(13) |
| | 12.2(13)ZH6 | ZH11 |
| | and later | |
| | are not | |
| | vulnerable; | |
| | first fixed | |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.2ZJ | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | 12.4(15)T4 |
| 12.2ZL | first fixed | |
| | in 12.4 | 12.4(18a) |
|------------+-------------+-------------|
| 12.2ZP | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | 12.2(33) |
| 12.2ZU | first fixed | SXH2 |
| | in 12.2SXH | |
|------------+-------------+-------------|
| 12.2ZY | 12.2(18)ZY2 | 12.2(18)ZY2 |
|------------+-------------+-------------|
| Affected | First Fixed | Recommended |
| 12.3-Based | Release | Release |
| Releases | | |
|------------+-------------+-------------|
| 12.3 | 12.3(24) | 12.3(26) |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3B | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.3BC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3BW | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.3EU | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3JA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3JEA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3JEB | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3JEC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Releases | |
| | prior to | |
| | 12.3(8)JK1 | |
| | are | |
| 12.3JK | vulnerable, | 12.3(8)JK1 |
| | release | |
| | 12.3(8)JK1 | |
| | and later | |
| | are not | |
| | vulnerable; | |
|------------+-------------+-------------|
| 12.3JL | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3JX | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3T | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| 12.3TPC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3VA | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| | 12.3(2)XA7; | 12.3(2)XA7; |
| 12.3XA | Available | Available |
| | on | on |
| | 31-MAR-08 | 31-MAR-08 |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3XB | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | | 12.4(15)T4 |
| 12.3XC | 12.3(2)XC5 | |
| | | 12.4(18a) |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3XD | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | 12.3(2)XE6; | 12.4(15)T4 |
| 12.3XE | Available | |
| | on | 12.4(18a) |
| | 31-MAR-08 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3XF | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| | first fixed | 12.4(15)T4 |
| 12.3XG | in 12.3YG; | |
| | Available | 12.4(18a) |
| | on | |
| | 16-JUN-08 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3XH | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | 12.3(7) | |
| | XI11; | |
| 12.3XI | Available | |
| | on | |
| | 18-SEP-08 | |
|------------+-------------+-------------|
| | Vulnerable; | 12.3(14) |
| 12.3XJ | first fixed | YX11 |
| | in 12.3YX | |
| | | 12.4(15)T4 |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3XK | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3XQ | first fixed | 12.4(18a) |
| | in 12.4 | |
|------------+-------------+-------------|
| | 12.3(7)XR8; | 12.3(7)XR8; |
| 12.3XR | Available | Available |
| | on | on |
| | 31-MAR-08 | 31-MAR-08 |
|------------+-------------+-------------|
| 12.3XS | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3XU | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| | Vulnerable; | 12.3(14) |
| 12.3XW | first fixed | YX11 |
| | in 12.3YX | |
| | | 12.4(15)T4 |
|------------+-------------+-------------|
| 12.3XY | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3YA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.3YD | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | Vulnerable; | 12.3(14) |
| 12.3YF | first fixed | YX11 |
| | in 12.3YX | |
| | | 12.4(15)T4 |
|------------+-------------+-------------|
| | 12.3(8)YG7; | |
| 12.3YG | Available | 12.4(15)T4 |
| | on | |
| | 16-JUN-08 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3YH | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3YI | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3YJ | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3YK | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| 12.3YM | 12.3(14) | 12.3(14) |
| | YM12 | YM12 |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3YQ | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| | 12.3(11) | |
| | YS3; | |
| 12.3YS | Available | 12.4(15)T4 |
| | on | |
| | 31-MAR-08 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3YT | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.3YU | first fixed | |
| | in 12.4XB | |
|------------+-------------+-------------|
| 12.3YX | 12.3(14) | 12.3(14) |
| | YX11 | YX11 |
|------------+-------------+-------------|
| 12.3YZ | 12.3(11)YZ3 | |
|------------+-------------+-------------|
| Affected | First Fixed | Recommended |
| 12.4-Based | Release | Release |
| Releases | | |
|------------+-------------+-------------|
| | 12.4(10c) | |
| | | |
| | 12.4(13e) | |
| | | |
| | 12.4(16b) | |
| 12.4 | | 12.4(18a) |
| | 12.4(17) | |
| | | |
| | 12.4(3h) | |
| | | |
| | 12.4(8d) | |
|------------+-------------+-------------|
| 12.4JA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4JK | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4JMA | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4JMB | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4JMC | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4JX | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| | 12.4(15)MD; | |
| 12.4MD | Available | |
| | on | |
| | 09-MAY-08 | |
|------------+-------------+-------------|
| 12.4MR | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4SW | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| | 12.4(15)T2 | |
| | | |
| 12.4T | 12.4(6)T10 | 12.4(15)T4 |
| | | |
| | 12.4(9)T7 | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.4XA | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| 12.4XB | 12.4(2)XB6 | |
|------------+-------------+-------------|
| 12.4XC | Vulnerable; | |
| | contact TAC | |
|------------+-------------+-------------|
| 12.4XD | 12.4(4)XD10 | 12.4(4)XD10 |
|------------+-------------+-------------|
| 12.4XE | 12.4(6)XE2 | 12.4(15)T4 |
|------------+-------------+-------------|
| 12.4XF | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4XG | 12.4(9)XG2 | 12.4(9)XG2 |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.4XJ | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| | Vulnerable; | |
| 12.4XK | first fixed | 12.4(15)T4 |
| | in 12.4T | |
|------------+-------------+-------------|
| 12.4XL | 12.4(15)XL2 | |
|------------+-------------+-------------|
| 12.4XM | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4XN | Not | |
| | Vulnerable | |
|------------+-------------+-------------|
| 12.4XT | 12.4(6)XT2 | 12.4(6)XT2 |
|------------+-------------+-------------|
| 12.4XV | 12.4(11)XV | |
|------------+-------------+-------------|
| 12.4XW | Vulnerable; | 12.4(11)XW6 |
| | contact TAC | |
|------------+-------------+-------------|
| 12.4XY | Not | |
| | Vulnerable | |
+----------------------------------------+
A special patch for Cisco IOS Software Modularity is also available
and can be downloaded from the Cisco IOS Software Modularity Patch
Navigator at http://tools.cisco.com/swdf/ionpn/jsp/main.jsp.
Workarounds
===========
The workaround consists of filtering UDP packets to port 2067 and IP
protocol 91 packets. Filters can be applied at network boundaries to
filter all IP protocol 91 packets and UDP packets to port 2067 or can
be applied on individual affected devices to permit such traffic only
from trusted peer IP addresses. However, since both of the protocols
are connectionless, it is possible for an attacker to spoof malformed
packets from legitimate peer IP addresses.
As soon as DLSw is configured, the Cisco IOS device begins listening
on IP protocol 91. However, this protocol is only used if DLSw is
configured for Fast Sequenced Transport (FST). A DLSw FST peer
configuration will contain the following line:
"dlsw remote-peer 0 fst <ip-address>"
If FST is used, filtering IP protocol 91 will break the operation, so
filters need to permit protocol 91 traffic from legitimate peer IP
addresses.
It is possible to disable UDP processing in DLSw with the "dlsw
udp-disable" command. However, disabling UDP only prevents the sending
of UDP packets, it does not prevent the receiving and processing of
incoming UDP packets. To protect a vulnerable device from malicious
packets via UDP port 2067, both of the following actions must be
taken:
1. Disable UDP outgoing packets with the "dlsw udp-disable" command,
AND
2. Filter UDP 2067 in the vulnerable device using infrastructure
ACL.
Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20080326-dlsw.shtml
Using Control Plane Policing on Affected Devices
+-----------------------------------------------
Control Plane Policing (CoPP) can be used to block untrusted DLSw
traffic to the device. Cisco IOS software releases 12.0S, 12.2SX,
12.2S, 12.3T, 12.4, and 12.4T support the CoPP feature. CoPP may be
configured on a device to protect the management and control planes
to minimize the risk and effectiveness of direct infrastructure
attacks by explicitly permitting only authorized traffic sent to
infrastructure devices in accordance with existing security policies
and configurations. The following example, which uses 192.168.100.1
to represent a trusted host, can be adapted to your network. If FST
is not used, protocol 91 may be completely filtered. Additionally, if
UDP is disabled with the "dlsw udp-disable" command, UDP port 2067
may also be completely filtered.
!--- Deny DLSw traffic from trusted hosts to all IP addresses
!--- configured on all interfaces of the affected device so that
!--- it will be allowed by the CoPP feature
access-list 111 deny udp host 192.168.100.1 any eq 2067
access-list 111 deny 91 host 192.168.100.1 any
!--- Permit all other DLSw traffic sent to all IP addresses
!--- configured on all interfaces of the affected device so that it
!--- will be policed and dropped by the CoPP feature
access-list 111 permit udp any any eq 2067
access-list 111 permit 91 any any
!--- Permit (Police or Drop)/Deny (Allow) all other Layer 3 and Layer 4
!--- traffic in accordance with existing security policies and
!--- configurations for traffic that is authorized to be sent
!--- to infrastructure devices
!--- Create a Class-Map for traffic to be policed by
!--- the CoPP feature
class-map match-all drop-DLSw-class
match access-group 111
!--- Create a Policy-Map that will be applied to the
!--- Control-Plane of the device.
policy-map drop-DLSw-traffic
class drop-DLSw-class
drop
!--- Apply the Policy-Map to the Control-Plane of the
!--- device
control-plane
service-policy input drop-DLSw-traffic
In the above CoPP example, the access control entries (ACEs) which
match the potential exploit packets with the "permit" action result
in these packets being discarded by the policy-map "drop" function,
while packets that match the "deny" action (not shown) are not
affected by the policy-map drop function. Please note that in the
Cisco IOS 12.2S and 12.0S trains the policy-map syntax is different:
policy-map drop-DLSw-traffic
class drop-DLSw-class
police 32000 1500 1500 conform-action drop exceed-action drop
Additional information on the configuration and use of the CoPP
feature is available at
http://www.cisco.com/en/US/products/ps6642/products_white_paper0900aecd804f…
and http://www.cisco.com/en/US/products/sw/iosswrel/ps1838/products_feature_gui….
Using Infrastructure ACLs at Network Boundary
+--------------------------------------------
Although it is often difficult to block traffic transiting your
network, it is possible to identify traffic that should never be
allowed to target your infrastructure devices and block that traffic
at the border of your network. iACLs are a network security best
practice and should be considered as a long-term addition to good
network security as well as a workaround for this specific
vulnerability. The iACL example shown below should be included as
part of the deployed infrastructure access-list that will protect all
devices with IP addresses in the infrastructure IP address range. If
FST is not used, protocol 91 may be completely filtered.
Additionally, if UDP is disabled with the "dlsw udp-disable" command,
UDP port 2067 may also be completely filtered.
!--- Permit DLSw (UDP port 2067 and IP protocol 91) packets
!--- from trusted hosts destined to infrastructure addresses.
access-list 150 permit udp TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK eq 2067
access-list 150 permit 91 TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK
!--- Deny DLSw (UDP port 2067 and IP protocol 91) packets from
!--- all other sources destined to infrastructure addresses.
access-list 150 deny udp any INFRASTRUCTURE_ADDRESSES MASK eq 2067
access-list 150 deny 91 any INFRASTRUCTURE_ADDRESSES MASK
!--- Permit/deny all other Layer 3 and Layer 4 traffic in accordance
!--- with existing security policies and configurations
!--- Permit all other traffic to transit the device.
access-list 150 permit ip any any
interface serial 2/0
ip access-group 150 in
The white paper entitled "Protecting Your Core: Infrastructure
Protection Access Control Lists" presents guidelines and recommended
deployment techniques for infrastructure protection access lists.
This white paper can be obtained at the following link:
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0…
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.ht…
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt(a)cisco.com or security-alert(a)cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac(a)cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.
These vulnerabilities were found internally.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at :
http://www.cisco.com/warp/public/707/cisco-sa-20080326-dlsw.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce(a)cisco.com
* first-teams(a)first.org
* bugtraq(a)securityfocus.com
* vulnwatch(a)vulnwatch.org
* cisco(a)spot.colorado.edu
* cisco-nsp(a)puck.nether.net
* full-disclosure(a)lists.grok.org.uk
* comp.dcom.sys.cisco(a)newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2008-Mar-26 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.….
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
iEYEARECAAYFAkfqS64ACgkQ86n/Gc8U/uD2DwCgloXg5P1/99amiSHmfy+hWxw4
j3YAnjEDUj724NtdpJQcDw2Ui4pKwu01
=ufq4
-----END PGP SIGNATURE-----
1
0