[AusNOG] Cisco 7200 a popular "ddos" target?
Greg M
gregm at servu.net.au
Wed Sep 29 12:47:23 EST 2010
Hi Noggers,
We were deploying a Cisco 7204vxr in Sydney and during the testing/setup
phase had SSH access setup and not firewalled on the device and noticed that
the CPU would sit anywhere from 20-45% CPU load with 0Mbps of traffic on it.
Since putting in ACL's for the vty interfaces, and putting the device into
production, this has dropped off to 12% with 130Mbps of traffic running
across it - which is what we would expect.
Question is - is there malware out there that is designed to specifically
DDoS the vty interfaces (ssh/telnet) of the 7200? It seems bizzare that this
would be the case.
Thanks,
Greg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100929/15c8f0c8/attachment.html>
More information about the AusNOG
mailing list