Cisco OL-4015-08 Manual de usuario descargar pdf (Pagina 589)

100

101

941

Cross-Platform Release Notes for Cisco IOS Release 12.0S

OL-1617-14 Rev. Q0

Caveats

Resolved Caveats—Cisco IOS Release 12.0(30)S1

• CSCef60659

A document that describes how the Internet Control Message Protocol (ICMP) could be used to

perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol

(TCP) has been made publicly available. This document has been published through the Internet

Engineering Task Force (IETF) Internet Draft process, and is entitled “ICMP Attacks Against TCP”

(draft-gont-tcpm-icmp-attacks-03.txt).

These attacks, which only affect sessions terminating or originating on a device itself, can be of

three types:

1. Attacks that use ICMP “hard” error messages.

2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also

known as Path Maximum Transmission Unit Discovery (PMTUD) attacks.

3. Attacks that use ICMP “source quench” messages.

Successful attacks may cause connection resets or reduction of throughput in existing connections,

depending on the attack type.

Multiple Cisco products are affected by the attacks described in this Internet draft.

Cisco has made free software available to address these vulnerabilities. In some cases there are

workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.

The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security

Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple

vendors whose products are potentially affected.

• CSCef65500

Symptoms: A Cisco router that is configured for OSPF may generate recurring SYS-3-CPUHOG

messages and tracebacks that are caused by the OSPF process:

%OSPF-5-ADJCHG: Process 100, Nbr 10.52.0.186 on ATM1/0.381 from LOADING to

FULL, Loading Done

%SYS-3-CPUHOG: Task ran for 4568 msec (243/31), process = OSPF Router, PC =

60B9DFA8.

-Traceback= 60B9DFB0 60B7E6E0 60B7EE58

%OSPF-5-ADJCHG: Process 100, Nbr 10.53.0.66 on ATM1/0.115 from FULL to DOWN,

Neighbor Down: Dead timer expired

%OSPF-5-ADJCHG: Process 100, Nbr 10.53.0.66 on ATM1/0.115 from LOADING to

FULL, Loading Done

%SYS-3-CPUHOG: Task ran for 4988 msec (569/120), process =

OSPF Router, PC = 60B9DFA8.

-Traceback= 60B9DFB0 60B7E6E0 60B7EE58

At another date, the following error messages and tracebacks are generated:

%SYS-3-CPUHOG: Task ran for 2224 msec (368/9), process = OSPF Router, PC =

60BA80BC.

-Traceback= 60BA80C4 60B8876C 60B88EE4

%OSPF-5-ADJCHG: Process 100, Nbr 10.61.0.26 on ATM2/0.179 from FULL to DOWN,

Neighbor Down: Dead timer expired

%OSPF-5-ADJCHG: Process 100, Nbr 10.61.0.26 on ATM2/0.179 from INIT to DOWN,

Neighbor Down: Interface down or detached

1 2 ... 584 585 586 587 588 589 590 591 592 593 594 ... 677 678

Comentarios a estos manuales

Sin comentarios

Cisco OL-4015-08 Manual de usuario Pagina 589

Comentarios a estos manuales

Relacionado con productos y manuales para Redes Cisco OL-4015-08