Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

804-IDSL router with IP-FW not blocking TCP 80 after NIMDA

We've got a really nasty situation that cropped up after NIMDA did its damage to a web server; the attack drove the router to 100 percent util, and now the unit won't block TCP 80 regardless of the ACLs. Before the attack, all ACLs worked fine and the CBAC code worked as advertised. Now, even with TCP 80 blocked inbound and outbound on both the WAN and ethernet port, a sniffer has confirmed that TCP 80 is getting by.

Has anyone heard of this problem after the attack on the 800 line of routers? I've already posted a message in Open Forum, but wanted to try another avenue as well. For now, it seems as if the firmware has been compromised on this unit.

Thanks,

Jeff Bankston

Sr. Consultant

Vista IT

1 REPLY
Silver

Re: 804-IDSL router with IP-FW not blocking TCP 80 after NIMDA

I didn’t see any such issue when we were hit with Nimda. It might be the IOS version you’re running although I couldn’t find any bugs filed on any of the versions.

108
Views
0
Helpful
1
Replies
CreatePlease login to create content