I agree - this would not be a defect that would require backbone maintenance - it's a defect that would affect edge VOIP devices, hardly core infrastructure. Of course, it could be that there is another more serious defect out there that major providers have been pre-warned about and are deploying countermeasures prior to a general disclosure (ALA SNMP vulnerabilities). We'll have to wait and see. On 24/1/05 6:49 PM, "Alexei Roudnev" <alex@relcom.net> wrote:
I do not expect, that any carriet took this as an emergency - defect is quite harmless (DOS in the worst case, + no exploits known, + no any interest for anyone to do it, + VoIP gateways involved only...). Even if someone is doing maintanance, it can be noticed by VoIP network users only.
Moreover, correct me if it was not defect in Cisco express call center (call center @ IOS) - I can not image carriers using this (it was designed for small businesses).
Why to get simple, relatively harmless (require ugrade in next scheduled time, usually 1 - 3 weeks) defect as a terrible threat to everyone? Even BGP problem was much more dangerous (and no single case known since this, so it was not emergency as well)..
----- Original Message ----- From: "Darrell Kristof (CE CEN)" <Darrell.Kristof@wholefoods.com> To: <nanog@merit.edu> Sent: Saturday, January 22, 2005 7:52 PM Subject: Emergency Internet Backbone Provider Maintenance Tonight