Hi, NANOGers. Will makes an excellent point here: ] I beg to differ - 3/4 of the Cisco routers in (enterprise) production are ] *unmaintained*. These will have a variety of vulnerable, buggy or just plain ] crap IOS versions and no-one would've even considered upgrading for years. While I don't have any numbers, I can say that we see a LOT of routers overtly compromised and modified as a result. The modifications are generally scripted, and include changing the passwords (to anything but "cisco"), disabling logging, and adding filters. You'd think such things would be rather obvious, and they are, yet no one notices. Most of these compromised routers are at the end of FR or frac-T connections. I suspect a great many of them were configured once, then left to rot with the same code and configuration for years and years. Thanks, Rob. -- Rob Thomas http://www.cymru.com Shaving with Occam's razor since 1999.