On Wed, 16 Jul 2003, Eric Gauthier wrote:
Ok, fine, don't tell the rest of use what it is, how to detect it, or how to defend against it. We in the university space will just do nothing because we have nothing to put into our IDS sensors to watch for/block it out. Because, you know, we're going to be the sources :)
And then we'll hear all of the usual flak about how universities are unprepared to handle security problems... I would just like to hear if there is a publicly available fix yet. If the backbone carriers have already scheduled their work, then they likely have a fix in hand. If the fix isn't available, then a rough schedule would be good so we can plan. I'd like to understand the vulnerability, but I'd certainly be okay with cisco saying "psst. put this version of IOS on your boxes. don't ask us why just yet. we'll explain more later." Or, maybe they WANT *our* routers to kick over so that we can't source the attack... michael