07-29-2003 03:17 PM - edited 03-02-2019 09:13 AM
The C3500XL do run IOS but are they vulnerable to the DOS attack outlined in the Cisco July 18 Security Advisory?
If so I guees the only solution is to upgrade the IOS as they do not support ACL's as required for the work around.
07-29-2003 03:27 PM
Yes..XLs are vulnerable. The management interface could get wedged causing to loose IP connectivity to the switch.
07-29-2003 11:19 PM
Wouldn't be enough to configure
access-list 101 permit tcp any any
access-list 101 permit udp any any
access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny 103 any any
access-list 101 permit ip any any
interface VLANx
ip access-group 101 in
while using int VLANx as the management interface?
I've just done it on my C3548-XL running IOS 12.0(5)WC5a.
Regards,
Milan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: