And quite honestly, we can probably be pretty safe in assuming they will not be running IPv6 (current exploit) or SNMP (older exploits) or BGP (other exploits) or SSH (even other exploits) on that box. :) (the 1601 or the 2500's) But, in the advisory that Cisco put out, it did mention free software upgrades were available even to non-contract customers. They simply had to originate from a call to TAC about it. Doesn't seem too bad. Not everyone has to worry about these things. Place and time. Scott -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of David Barak Sent: Friday, July 29, 2005 2:52 PM To: nanog@merit.edu Subject: Re: Cisco IOS Exploit Cover Up --- John Forrister <john@segfault.com> wrote:
Indeed - Cisco's hardware, especially the older, smaller boxes, tended to be really solid once you got them running. I was just pondering a few minutes ago on how many 2500's I configured & installed in 1996 & 1997 are still running today, on code that's no longer supported by Cisco, and which are incapable of taking enough flash to load a newer image.
As a definite example, A client of mine has a 1601 sitting on the end of a T1 running 11.3... They're not interested in spending any money on an upgrade, as the box is doing exactly what they want: running RIP internally, and taking Ethernet-in and Serial-out. -David __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com