"Austad, Jay" <austad at marketwatch.com> wrote: > > A good quick solution for this is to block snmp at your border routers and > access-list the links you have to customers, and also block echo (7/udp) as > it can be used to relay snmp attacks by spoofing the source address and > port. Ah.. That's what the problem was with echo.. My boss had mentioned that echo should be turned off, but I thought it sounded pretty ludicrous for there to be an exploit for it. -- _ _ _ _ _ ___ _ _ _ ___ _ _ __ Syntactic sugar causes / \/ \(_)| ' // ._\ / - \(_)/ ./| ' /(__ cancer of the semicolon. \_||_/|_||_|_\\___/ \_-_/|_|\__\|_|_\ __) [ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ] -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020213/17a6ddef/attachment.pgp