If someone runs this program, pointing it to a Max (I think Pipelines,
too), the Max will reset with a Fatal Error. I don't think it makes a
difference what operating system version you're using.
We tested it on one of our Maxes and sure enough, it worked:
FATAL ERROR: Index: 1 Load: tm.m40 Revision: 6.0.0
Date: 03/17/1998. Time: 10:27:58
Location: b013b5f4 b013d1b4 b013ca08 b001cc48 b001f22c b0071428
The Max boots back up in about 2 minutes and all settings are still intact.
My partner here set up a filter in our Maxes to prevent attacks from
incoming traffic across the net and afterward, the attack had no effect.
We haven't experimented with our Pipeline 50s yet...
--The following is how to set up the filter to block UDP traffic to port 9on the Ascend boxes. The only thing this will break that I am aware of isthe Ascend Java Configurator, but nobody seems to use that anyway.Go to:
Ethernet --> Filters --> IP Call --> Input Filters
Edit "In filter 12" and give it the following settings:
Valid=YesType=Generic Generic... Forward=Yes
If you don't do the above, it will block all network traffic through yourMax.
Edit "In filter 01" and give it the following settings:
Valid=YesType=IP IP... Forward=No Src Mask=0.0.0.0 Src Adrs=0.0.0.0 Dst Mask=255.255.255.255 Dst Adrs=(your Max IP address) Protocol=17 Src Port Cmp=Eql Src Port #=9 Dst Port Cmp=Eql Dst Port #=9 TCP Estab=N/A
Then go to:
Ethernet --> Mod Config --> Ether Options
change the Filter to 1
All of this is assuming you are not currently using any filters in yourMax.
You also might want to try it out on dial-in connections (since theMaxes can filter on both ethernet and dial-in) since users can trythis on other people.
Adam RinnTalStar Communications
--Josh Hillmanhillman@talstar.com