[OT] Red Code Cisco 675 madness

Russell Power rjpower at washington.edu
Sun Aug 5 21:14:36 PDT 2001 

I can say I have had no problems with my 675 over the last week - though
many people I know are having fits...

The only configuration difference I can notice between those with problems
and my own is that I route port 80 directly through to my linux machine on
the lan.  Any access attempts to port 80 go to the internal network even if
web setup is enabled.

A command like this (even to a non-existent computer) might help - it's
worth a shot if you're really having problems:

enable
set nat entry add 10.0.0.62 80 tcp

HTH,

--russell

----- Original Message -----
From: "Dan Sanderson" <dsanders at dansanderson.com>
To: "UW Linux Group" <linux at u.washington.edu>
Sent: Sunday, August 05, 2001 12:04 PM
Subject: [OT] Red Code Cisco 675 madness


>
> Another off-topic Cisco 675 question for everyone.  If you don't like
> Cisco questions, rest assured that an answer to this one will make me very
> happy.
>
> As most Cisco 675 owners know by now, the "Red Code" ("Code Red"?) virus
> has a payload that attacks Cisco 675's using an old DoS exploit, crashing
> the router and necessitating power cycling to restore service.  The
> prevelance of the virus causes this to happen every couple of hours now,
> and it's driving me insane.
>
> Qwest claims it only affects routers set up to have web-based
> configuration enabled, and shutting off this feature fixes the problem.
> This isn't true; I've "set web disable" a dozen times now, writing and
> rebooting as per instructions.  "show web" properly lists the feature as
> disabled.  Other security web sites claim that upgrading the firmware
> includes patches that will solve this.  I believe I properly followed
> instructions to upgrade to v2.4.1, and "show version" properly lists the
> new version number.  However, I'm still having this problem.
>
> I'd bet money that Qwest won't be able to help me with this, and I'm not
> waiting the 113 minutes on hold to be told everything I already
> know.  However, this has got to be a very widespread problem, so I'm
> hoping someone else has suggestions.  Has anyone had success in fixing
> this problem?
>
> If it comes down to it, is it possible to get another brand of external
> DSL modem/router to use with Qwest.net?  Anyone have any to
> recommend?  What are the disadvantages to doing this, if it's possible?
>
> Many thanks for any assistance you can provide.  I'd suggest taking this
> discussion off the list, but I'm betting I'm not the only one here having
> problems.  :)
>
> -- Dan
>
>
>
>

More information about the Linux mailing list