Security Issues with Ascend Routing Hardware, fix

Josh Hillman ( (no email) )
Tue, 17 Mar 1998 11:27:35 -0500

Security Issues with Ascend Routing Hardware

If someone runs this program, pointing it to a Max (I think Pipelines,
too), the Max will reset with a Fatal Error. I don't think it makes a
difference what operating system version you're using.
We tested it on one of our Maxes and sure enough, it worked:

FATAL ERROR: Index: 1 Load: tm.m40 Revision: 6.0.0
Date: 03/17/1998. Time: 10:27:58
Location: b013b5f4 b013d1b4 b013ca08 b001cc48 b001f22c b0071428

The Max boots back up in about 2 minutes and all settings are still intact.

My partner here set up a filter in our Maxes to prevent attacks from
incoming traffic across the net and afterward, the attack had no effect.
We haven't experimented with our Pipeline 50s yet...

--The following is how to set up the filter to block UDP traffic to port 9on the Ascend boxes.  The only thing this will break that I am aware of isthe Ascend Java Configurator, but nobody seems to use that anyway.

Go to:

Ethernet --> Filters --> IP Call --> Input Filters

Edit "In filter 12" and give it the following settings:

Valid=YesType=Generic Generic... Forward=Yes

If you don't do the above, it will block all network traffic through yourMax.

Edit "In filter 01" and give it the following settings:

Valid=YesType=IP IP... Forward=No Src Mask= Src Adrs= Dst Mask= Dst Adrs=(your Max IP address) Protocol=17 Src Port Cmp=Eql Src Port #=9 Dst Port Cmp=Eql Dst Port #=9 TCP Estab=N/A

Then go to:

Ethernet --> Mod Config --> Ether Options

change the Filter to 1

All of this is assuming you are not currently using any filters in yourMax.

You also might want to try it out on dial-in connections (since theMaxes can filter on both ethernet and dial-in) since users can trythis on other people.

Adam RinnTalStar Communications