07-29-2003 03:17 PM - edited 03-02-2019 09:13 AM
The C3500XL do run IOS but are they vulnerable to the DOS attack outlined in the Cisco July 18 Security Advisory?
If so I guees the only solution is to upgrade the IOS as they do not support ACL's as required for the work around.
07-29-2003 03:27 PM
Yes..XLs are vulnerable. The management interface could get wedged causing to loose IP connectivity to the switch.
07-29-2003 11:19 PM
Wouldn't be enough to configure
access-list 101 permit tcp any any
access-list 101 permit udp any any
access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny 103 any any
access-list 101 permit ip any any
interface VLANx
ip access-group 101 in
while using int VLANx as the management interface?
I've just done it on my C3548-XL running IOS 12.0(5)WC5a.
Regards,
Milan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide