>Security Issues with Ascend Routing Hardware
>If someone runs this program, pointing it to a Max (I think Pipelines,
>too), the Max will reset with a Fatal Error. I don't think it makes a
>difference what operating system version you're using.
>We tested it on one of our Maxes and sure enough, it worked:
> FATAL ERROR: Index: 1 Load: tm.m40 Revision: 6.0.0
> Date: 03/17/1998. Time: 10:27:58
> Location: b013b5f4 b013d1b4 b013ca08 b001cc48 b001f22c b0071428
>The Max boots back up in about 2 minutes and all settings are still intact.
>My partner here set up a filter in our Maxes to prevent attacks from
>incoming traffic across the net and afterward, the attack had no effect.
>We haven't experimented with our Pipeline 50s yet...
>The following is how to set up the filter to block UDP traffic to port 9
>on the Ascend boxes. The only thing this will break that I am aware of is
>the Ascend Java Configurator, but nobody seems to use that anyway.
>Ethernet --> Filters --> IP Call --> Input Filters
>Edit "In filter 12" and give it the following settings:
>If you don't do the above, it will block all network traffic through your
>Edit "In filter 01" and give it the following settings:
> Src Mask=0.0.0.0
> Src Adrs=0.0.0.0
> Dst Mask=255.255.255.255
> Dst Adrs=(your Max IP address)
> Src Port Cmp=Eql
> Src Port #=9
> Dst Port Cmp=Eql
> Dst Port #=9
> TCP Estab=N/A
>Then go to:
>Ethernet --> Mod Config --> Ether Options
> change the Filter to 1
>All of this is assuming you are not currently using any filters in your
>You also might want to try it out on dial-in connections (since the
>Maxes can filter on both ethernet and dial-in) since users can try
>this on other people.
> NTISP Mailing List firstname.lastname@example.org