From gter at registro.br  Mon Mar  1 10:01:32 2010
From: gter at registro.br (Secretaria GTER29)
Date: Mon, 1 Mar 2010 10:01:32 -0300
Subject: [GTER] Chamada de Trabalhos GTER 29
Message-ID: <20100301130132.GD13259@registro.br>

GTER - Grupo de Trabalho de Engenharia e Opera??o de Redes - 29? Reuni?o
GTS - Grupo de Trabalho em Seguran?a de Redes - 15? Reuni?o
S?o Paulo - 14 e 15 de maio de 2010
http://gter.nic.br/
http://gts.nic.br/


                     ** Chamada de Trabalhos **


O Grupo de Trabalho de Engenharia e Opera??o de Redes, em sua 29?
Reuni?o a ser realizada nos dias 14 e 15 de maio de 2010 em S?o Paulo,
convida a comunidade de operadores de servi?os internet no Brasil para
o envio de apresenta??es sobre Engenharia e Opera??o de Redes
Internet.

O material deve tratar principalmente de aspectos pr?ticos e
operacionais da atualidade dos servi?os Internet no pa?s.

Segue uma lista, ordenada alfabeticamente e n?o exaustiva, de
sugest?es para t?picos:

DoS / DDoS
Engenharia de Tr?fego / Roteamento
Escalabilidade
IP Switching / Filtering
IPv6
Internet eXchange
Network Aplications (DNS, SMTP, HTTP, VoIP etc.)
Network Management
Proxies
?ltima Milha (Wi-Fi, WiMAX, xDSL, FTTH, HFC, xPON etc.)
VPNs
Wireless

Seguindo o modelo dos eventos anteriores, a reuni?o do GTS - Grupo de
Trabalho de Seguran?a, estar? ocorrendo conjuntamente, mas desta vez
ser? realizada no primeiro dia do evento para que o programa de
seguran?a se integre melhor com a ocorr?ncia pr?via do CeCOS IV
http://www.antiphishing.org/events/2010_opSummit.html. A chamada
espec?fica de trabalhos para a reuni?o do GTS pode ser consultada em
http://gts.nic.br/

A infra-estrutura do evento ? patrocinada pelo Comit? Gestor da
Internet no Brasil, mas h? oportunidades de patroc?nio de camisetas,
coffee-breaks e eventos sociais; detalhes de patroc?nio podem ser
encontrados em http://gter.nic.br/reunioes/como-patrocinar

Forma / Formato de Envio
------------------------
Os resumos de apresenta??es dever?o ser enviados para gter at
registro.br em formato texto no corpo do email e dever?o conter
obrigatoriamente:

 - T?tulo do Trabalho
 - Nome do(s) Apresentador(es)
 - Resumo
 - Tempo estimado

As apresenta??es devem ter dura??o m?xima de 60 minutos incluindo
tempo para perguntas e respostas.

Este material e adi??es caso sejam solicitadas, ser? utilizado como
base para aceita??o das apresenta??es pelo Comit? do Programa. As
apresenta??es finais dever?o ser enviadas em formato A4 Postscript ou
PDF.


Datas Importantes
-----------------
Limite para envio dos resumos   29/03/2010
Notifica??es dos Autores        09/04/2010
Pr?-agenda                      12/04/2010
Abertura das Inscri??es         12/04/2010


Local
-----
Blue Tree Towers Morumbi
S?o Paulo - SP


Apoio
-----
Comit? Gestor da Internet no Brasil


Organiza??o
-----------
NIC.br

-- 
 Secretaria GTER 29? Reuni?o                           <gter at registro.br>
 S?o Paulo - 14 e 15 de maio de 2010                  http://gter.nic.br/

From adriano at acmesecurity.org  Mon Mar  1 10:01:53 2010
From: adriano at acmesecurity.org (Adriano Cansian)
Date: Mon, 1 Mar 2010 10:01:53 -0300
Subject: [GTER] GTS-15 Sao Paulo / Chamada de Propostas
Message-ID: <4FAC31C0-4DD5-4BA8-8AF5-9CFCFFE25AEE@acmesecurity.org>


GTER - Grupo de Trabalho de Engenharia e Opera??o de Redes - 29? Reuni?o
GTS - Grupo de Trabalho em Seguran?a de Redes - 15? Reuni?o
S?o Paulo - 14 e 15 de maio de 2010
http://gter.nic.br/
http://gts.nic.br/

% Chamada de Trabalhos

O GTS - Grupo de Trabalho em Seguran?a de Redes, est? organizando sua  
15a. Reuni?o em conjunto com a 29a. Reuni?o do Grupo de Trabalho de  
Engenharia e Opera??o de Redes (GTER), nos dias 14 e 15 de MAIO de  
2010, em S?O PAULO, SP.

A reuni?o do GTS  estar? ocorrendo conjuntamente com o GTER, mas desta  
vez ser? realizada no primeiro dia do evento, para que o programa de  
seguran?a se integre melhor com a ocorr?ncia pr?via do IV CeCOS -  
Counter-eCrime Operations Summit  http://www.antiphishing.org/events/2010_opSummit.html

% Agenda:

11 a 13.05.2010: IV CeCOS (Counter-eCrime Operations Summit)
14.05.2010: GTS-15
15.05.2010: GTER-29

% PATROCINADORES:

A infra-estrutura do evento ? patrocinada pelo Comit? Gestor da  
Internet no Brasil, mas h? oportunidades de patroc?nio de camisetas,  
coffee-breaks e eventos sociais. Detalhes de patroc?nio podem ser  
encontrados em http://gter.nic.br/reunioes/como-patrocinar

% Chamada

Assim, convidamos a comunidade de profissionais de Internet no Brasil  
para o envio de propostas de apresenta??es.

O material deve tratar principalmente de aspectos pr?ticos e
operacionais da atualidade da seguran?a da Internet no pa?s. O comit? de
programa do GTS busca identificar apresenta??es que procurem
compartilhar aplica??es pr?ticas e experi?ncias de sucesso (ou fracasso)
na ?rea, envolvendo novas tecnologias de seguran?a e estudos de casos.

Segue uma lista n?o exaustiva, de sugest?es para t?picos:

* . An?lise de artefatos;
* . An?lise de risco;
* . Assinaturas digitais;
* . Combate a fraudes por computador;
* . Combate a DoS / DDoS;
* . Continuidade de neg?cios e opera??es;
* . Detec??o e prote??o de intrus?o;
* . Filtros, proxies e firewalls;
* . Per?cia e an?lise forense;
* . Pol?ticas de seguran?a;
* . Preven??o e combate ao spam;
* . Programa??o segura;
* . Recupera??o de desastres;
* . Seguran?a wireless;
* . Seguran?a de infra-estrutura;
* . Seguran?a de sistemas e redes;
* . Seguran?a de opera??o de DNS;
* . Tratamento de incidentes;
* . Outros temas de interesse da comunidade de seguran?a.


Ressalta-se que que as apresenta??es sejam aplicadas e *n?o* devem ser  
voltadas a produtos e solu??es de fornecedores espec?ficos, com fins  
comerciais, nem trabalhos que sejam com ?nfase puramente acad?mica. As  
reuni?es do GTS e do GTER buscam a pluralidade de solu??es, com ?nfase  
em "expertise", e n?o em produtos propriet?rios espec?ficos,  
excetuando-se aqueles de c?digo aberto.

A chamada espec?fica de trabalhos para a reuni?o do GTER pode ser  
consultada em http://gter.nic.br

%  Formato de Envio:

Para a reuni?o do GTS-15 as propostas dever?o ser apresentadas de  
acordo com as instru??es  dispon?veis no endere?o: http://gts.nic.br/reunioes/proposta

As apresenta??es devem ter dura??o m?xima de 50 minutos incluindo tempo
para perguntas e respostas.

Datas Importantes
-----------------
Limite para envio depropostas:  	 29/03/2010
Notifica??es dos Autores:			09/04/2010
Pr?-agenda:						12/04/2010
Abertura das Inscri??es:	         	12/04/2010

Local
-----
Blue Tree Towers Morumbi - S?o Paulo - SP

Apoio
-----
Comit? Gestor da Internet no Brasil

Organiza??o
-----------
NIC.br



From gter at registro.br  Mon Mar  1 10:40:11 2010
From: gter at registro.br (Secretaria GTER)
Date: Mon, 1 Mar 2010 10:40:11 -0300
Subject: [GTER] Encerra Hoje - Chamada para Sede - GTER 30 / GTS 16
Message-ID: <20100301134011.GE13259@registro.br>

Senhores(as),

Apesar das constantes demonstra??es de interesse durante as reuni?es,
de termos recebido algumas consultas ap?s o an?ncio da chamada para
sede, at? o presente momento n?o h? nenhuma proposta formal para a
hospedagem do GTER 30 / GTS 16.

Se a sua institui??o tem condi??es de hospedar a reuni?o em sua cidade
n?o perca a oportunidade de proporcionar a comunidade local acesso
presencial ao evento, submeta uma proposta, o prazo ? at? o final do
dia de hoje.

A responsabilidade da institui??o hospedeira ? limitada ao local e a
conectividade para o evento. Todos os outros custos s?o cobertos pelo
NIC.br.

Atenciosamente,
Frederico Neves
(em nome dos comit?s de programa)


GTER - Grupo de Trabalho de Engenharia e Opera??o de Redes - 30? Reuni?o
GTS - Grupo de Trabalho em Seguran?a de Redes - 16? Reuni?o
Brasil - 25 a 27 de novembro de 2010
http://gter.nic.br/
http://gts.nic.br/


                       ** Chamada para Sede **


O Grupo de Trabalho de Engenharia e Opera??o de Redes (GTER), em sua
30? Reuni?o, e o Grupo de Trabalho em Seguran?a de Redes (GTS), em sua
16a.  Reuni?o, a serem realizadas entre os dias 25 e 27 de novembro de
2010, convidam a comunidade de operadores de servi?os internet no
Brasil para o envio de propostas de SEDE para o evento.

Os requisitos m?nimos que devem constar da proposta se resumem ao
fornecimento de:
 
 - Duas salas para um m?nimo de 100 pessoas cada para o primeiro dia
   (tutoriais);
 - Uma sala/audit?rio para um m?nimo de 150 pessoas para o 2o. e
   3o. dias (reuni?o);
 - Conectividade ? internet com 12 Mbits (10+2). Sendo 2 Mbits
   dedicados para a transmiss?o do evento com redund?ncia provida pelo
   restante da conectividade.

A localiza??o em rela??o a rede hoteleira, de alimenta??o e do
transporte a?reo e local ser?o levadas em considera??o pelo comit? de
programa para a escolha da sede.

As propostas e eventuais d?vidas devem ser enviadas por correio
eletr?nico para o endere?o da secretaria do GTER, gter at registro.br at?
01/03/2010.


Datas Importantes
-----------------
Limite para propostas de Sede   01/03/2010
Divulga??o do local   		15/05/2010
Chamada de Trabalhos		17/06/2010


Apoio
-----
Comit? Gestor da Internet no Brasil


Organiza??o
-----------
NIC.br

From rsantos at nic.br  Wed Mar  3 14:26:44 2010
From: rsantos at nic.br (Rodrigo Regis dos Santos)
Date: Wed, 03 Mar 2010 14:26:44 -0300
Subject: [GTER] =?iso-8859-1?q?Turmas_IPv6_basico_-_Recife_=2815_a_19/03?=
 =?iso-8859-1?q?=29_-_Inscri=E7=F5es_prorrogadas?=
Message-ID: <4B8E9BD4.1030300@nic.br>

Caros (as),

devido a exist?ncia de vagas remanescentes, as inscri??es para a turma
de Recife do curso IPv6 B?sico foram prorrogadas at? sexta-feria 05/03/2010.

O curso ser? realizado dos dias 15 a 19 de Mar?o de 2010 na capital
pernambucana e os interessados devem realizar a inscri??o atrav?s do
endere?o http://ipv6.br/basico .

O curso ser? gratuito, com o apoio do Comit? Gestor da Internet no
Brasil, atrav?s do NIC.br, contando com o apoio de empresas da regi?o,
que fornecer?o o local, infraestrutura e coffe breaks.

Mesmo quem j? preencheu a ficha de interesse na turma, deve preencher
novamente os dados na ficha de inscri??o.

? importante notar que:

 - Ser? dada prefer?ncia para institui??es que n?o participaram do curso
anteriormente.
 - Ser?o aceitas apenas duas inscri??es por institui??o, por curso.
 - Desist?ncias devem ser avisadas com no m?nimo 05 dias ?teis de
anteced?ncia, sob pena da inscri??o ser negada em turmas futuras.
 - ? pr?-requisito ser um AS, ou estar em processo de obten??o de ASN.

Exce??es ?s regras podem existir, em caso de haver vagas n?o preenchidas
e ? crit?rio da equipe do IPv6.br.

Informa??es adicionais e sobre as inscri??es est?o dispon?veis no
endere?o: http://ipv6.br/basico.


---
Rodrigo Regis dos Santos

NIC.br - http://nic.br
CEPTRO.br - http://ceptro.br

From moreiras at nic.br  Fri Mar  5 17:18:37 2010
From: moreiras at nic.br (Antonio M. Moreiras)
Date: Sat, 06 Mar 2010 04:18:37 +0800
Subject: [GTER] =?iso-8859-1?q?t=FAneis_IPv6_no_Brasil_com_baixa_lat=EAnci?=
 =?iso-8859-1?q?a?=
Message-ID: <4B91671D.5010203@nic.br>

A CTBC est? agora hospedando o servidor brudi01.sixxs.net do Tunnel 
Broker SixXS, o que torna poss?vel usar t?neis com baixa lat?ncia agora 
no Brasil. N?o ? poss?vel usar BGP via esse tipo de t?nel, no entanto. A 
oferta se aplica melhor a usu?rios dom?sticos e empresas que queiram 
come?ar a utilizar o protocolo.

http://ipv6-pt.ning.com/profiles/blogs/ctbc-agora-oferece-tuneis-ipv6
http://www.sixxs.net

[]s
Moreiras.
**

From MBORBA at trf3.jus.br  Wed Mar 10 15:02:59 2010
From: MBORBA at trf3.jus.br (MARLON BORBA)
Date: Wed, 10 Mar 2010 15:02:59 -0300
Subject: [GTER] "Proxy" Whois.
Message-ID: <4B97B4A3020000460002F2BF@svntrf311.trf3.jus.br>

Srs.,

Para auxiliar os trabalhos do nosso Grupo de Resposta a Incidentes,
preciso dispor do servi?o Whois a partir de minha rede interna. No
entanto, gostaria de n?o liber?-lo para toda ela; apenas para os
participantes do Grupo; assim, pensei na seguinte hip?tese: colocar um
servidor Whois interno e liberar apenas ele para acesso ao servi?o Whois
na Internet. Isso ? poss?vel, ou vale mais a pena liberar logo o Whois
pra rede interna toda?



-- 

Abra?os,

Marlon Borba, CISSP, APC DataCenter Associate
T?cnico Judici?rio ? Seguran?a da Informa??o
IPv6 Evangelist ? Moreq-Jus Evangelist
Comiss?o Local de Resposta a Incidentes - CLRI
TRF 3 Regi?o
(11) 3012-1581
--
Follow me on Twitter!
twitter.com/mborba
--


From danton at inexo.com.br  Wed Mar 10 16:36:20 2010
From: danton at inexo.com.br (Danton Nunes)
Date: Wed, 10 Mar 2010 16:36:20 -0300 (BRT)
Subject: [GTER] "Proxy" Whois.
In-Reply-To: <4B97B4A3020000460002F2BF@svntrf311.trf3.jus.br>
References: <4B97B4A3020000460002F2BF@svntrf311.trf3.jus.br>
Message-ID: <alpine.DEB.2.00.1003101634300.7197@phoenix>

On Wed, 10 Mar 2010, MARLON BORBA wrote:

> Para auxiliar os trabalhos do nosso Grupo de Resposta a Incidentes,
> preciso dispor do servi?o Whois a partir de minha rede interna. No
> entanto, gostaria de n?o liber?-lo para toda ela; apenas para os
> participantes do Grupo; assim, pensei na seguinte hip?tese: colocar um
> servidor Whois interno e liberar apenas ele para acesso ao servi?o Whois
> na Internet. Isso ? poss?vel, ou vale mais a pena liberar logo o Whois
> pra rede interna toda?

n?o vejo motivo para n?o abrir isso para 'urbi et orbi'. acho que um 
esquema de 'selective firewall piercing' a? ? muita p?rola para pouco 
porco, como diria meu s?cio.

From patrick at vol.net.br  Wed Mar 10 16:57:21 2010
From: patrick at vol.net.br (patrick at vol.net.br)
Date: Wed, 10 Mar 2010 16:57:21 -0300 (BRT)
Subject: [GTER] RES:  "Proxy" Whois.
In-Reply-To: <4B97B4A3020000460002F2BF@svntrf311.trf3.jus.br>
References: <4B97B4A3020000460002F2BF@svntrf311.trf3.jus.br>
Message-ID: <006701cac08b$e5800540$b0800fc0$@net.br>

Acho mais simples voc? ao inv?s de criar um Proxy para whois liberar a
consulta aos hosts que fazem whois na internet para as m?quinas que ter?o
permiss?o de realizar a consulta.
Dessa forma voc? criaria apenas algumas regras de firewall. O que ? bem
mais f?cil de gerenciar e documentar do que um novo servi?o na rede.


Patrick Barreto Petronetto


-----Mensagem original-----
De: gter-bounces at eng.registro.br [mailto:gter-bounces at eng.registro.br] Em
nome de MARLON BORBA
Enviada em: quarta-feira, 10 de mar?o de 2010 15:03
Para: gter at eng.registro.br
Assunto: [GTER] "Proxy" Whois.

Srs.,

Para auxiliar os trabalhos do nosso Grupo de Resposta a Incidentes,
preciso dispor do servi?o Whois a partir de minha rede interna. No
entanto, gostaria de n?o liber?-lo para toda ela; apenas para os
participantes do Grupo; assim, pensei na seguinte hip?tese: colocar um
servidor Whois interno e liberar apenas ele para acesso ao servi?o Whois
na Internet. Isso ? poss?vel, ou vale mais a pena liberar logo o Whois
pra rede interna toda?



--

Abra?os,

Marlon Borba, CISSP, APC DataCenter Associate
T?cnico Judici?rio ? Seguran?a da Informa??o
IPv6 Evangelist ? Moreq-Jus Evangelist
Comiss?o Local de Resposta a Incidentes - CLRI
TRF 3 Regi?o
(11) 3012-1581
--
Follow me on Twitter!
twitter.com/mborba
--

--
gter list    https://eng.registro.br/mailman/listinfo/gter

From MBORBA at trf3.jus.br  Wed Mar 10 18:58:31 2010
From: MBORBA at trf3.jus.br (MARLON BORBA)
Date: Wed, 10 Mar 2010 18:58:31 -0300
Subject: [GTER] RES:  "Proxy" Whois.
In-Reply-To: <006701cac08b$e5800540$b0800fc0$@net.br>
References: <4B97B4A3020000460002F2BF@svntrf311.trf3.jus.br>
	<006701cac08b$e5800540$b0800fc0$@net.br>
Message-ID: <4B97EBD7020000460002F35A@svntrf311.trf3.jus.br>

Patrick,

O problema ? que as m?quinas do pessoal do grupo deveriam ter IPs
fixos, tornando poss?vel a cria??o das regras. Mas, como o Danton
sugeriu, sendo o Whois um protocolo de baixo risco, acho que vou
solicitar sua completa libera??o.



 >>>Em 10/3/2010 ?s 16:57, <patrick at vol.net.br> gravou:

> Acho mais simples voc? ao inv?s de criar um Proxy para whois liberar
a
> consulta aos hosts que fazem whois na internet para as m?quinas que
ter?o
> permiss?o de realizar a consulta.
> Dessa forma voc? criaria apenas algumas regras de firewall. O que ?
bem
> mais f?cil de gerenciar e documentar do que um novo servi?o na rede.
> 
> 
> Patrick Barreto Petronetto
> 
> 
> -----Mensagem original-----
> De: gter-bounces at eng.registro.br
[mailto:gter-bounces at eng.registro.br] Em
> nome de MARLON BORBA
> Enviada em: quarta-feira, 10 de mar?o de 2010 15:03
> Para: gter at eng.registro.br 
> Assunto: [GTER] "Proxy" Whois.
> 
> Srs.,
> 
> Para auxiliar os trabalhos do nosso Grupo de Resposta a Incidentes,
> preciso dispor do servi?o Whois a partir de minha rede interna. No
> entanto, gostaria de n?o liber?-lo para toda ela; apenas para os
> participantes do Grupo; assim, pensei na seguinte hip?tese: colocar
um
> servidor Whois interno e liberar apenas ele para acesso ao servi?o
Whois
> na Internet. Isso ? poss?vel, ou vale mais a pena liberar logo o
Whois
> pra rede interna toda?
> 
> 
> 
> --
> 
> Abra?os,
> 
> Marlon Borba, CISSP, APC DataCenter Associate
> T?cnico Judici?rio ? Seguran?a da Informa??o
> IPv6 Evangelist ? Moreq-Jus Evangelist
> Comiss?o Local de Resposta a Incidentes - CLRI
> TRF 3 Regi?o
> (11) 3012-1581
> --
> Follow me on Twitter!
> twitter.com/mborba
> --
> 
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter 
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter

-- 

Abra?os,

Marlon Borba, CISSP, APC DataCenter Associate
T?cnico Judici?rio ? Seguran?a da Informa??o
IPv6 Evangelist ? Moreq-Jus Evangelist
Comiss?o Local de Resposta a Incidentes - CLRI
TRF 3 Regi?o
(11) 3012-1581
--
Follow me on Twitter!
twitter.com/mborba
--


From henrique.holschuh at ima.sp.gov.br  Fri Mar 12 12:40:10 2010
From: henrique.holschuh at ima.sp.gov.br (Henrique de Moraes Holschuh)
Date: Fri, 12 Mar 2010 12:40:10 -0300
Subject: [GTER] =?iso-8859-1?q?FCC_americana_lan=E7a_programa_de_medi=E7?=
 =?iso-8859-1?q?=E3o_da_banda_larga?=
Message-ID: <4B9A605A.3090603@ima.sp.gov.br>

Senhores(as),

Para seu conhecimento e curiosidade:

http://www.wired.com/epicenter/2010/03/fcc-broadband-test/
http://www.broadband.gov/
http://www.nnsquad.org/archives/nnsquad/msg03090.html

H? alguns paralelos com o SIMET do CEPTRO.br (http://www.ceptro.br/Simet).

-- 
Henrique de Moraes Holschuh <hmh at ima.sp.gov.br>
IM@ - Inform?tica de Munic?pios Associados
Engenharia de Telecomunica??es
TEL +55-19-3755-6555/CEL +55-19-9293-9464

Antes de imprimir, lembre-se de seu compromisso com o Meio Ambiente
e do custo que voc? pode evitar.

From gter at registro.br  Mon Mar 15 11:20:10 2010
From: gter at registro.br (Secretaria GTER29)
Date: Mon, 15 Mar 2010 11:20:10 -0300
Subject: [GTER] Chamada de Trabalhos GTER 29 - Restam apenas 2 semanas
Message-ID: <20100315142010.GG18235@registro.br>

GTER - Grupo de Trabalho de Engenharia e Opera??o de Redes - 29? Reuni?o
GTS - Grupo de Trabalho em Seguran?a de Redes - 15? Reuni?o
S?o Paulo - 14 e 15 de maio de 2010
http://gter.nic.br/
http://gts.nic.br/


                     ** Chamada de Trabalhos **


O Grupo de Trabalho de Engenharia e Opera??o de Redes, em sua 29?
Reuni?o a ser realizada nos dias 14 e 15 de maio de 2010 em S?o Paulo,
convida a comunidade de operadores de servi?os internet no Brasil para
o envio de apresenta??es sobre Engenharia e Opera??o de Redes
Internet.

O material deve tratar principalmente de aspectos pr?ticos e
operacionais da atualidade dos servi?os Internet no pa?s.

Segue uma lista, ordenada alfabeticamente e n?o exaustiva, de
sugest?es para t?picos:

DoS / DDoS
Engenharia de Tr?fego / Roteamento
Escalabilidade
IP Switching / Filtering
IPv6
Internet eXchange
Network Aplications (DNS, SMTP, HTTP, VoIP etc.)
Network Management
Proxies
?ltima Milha (Wi-Fi, WiMAX, xDSL, FTTH, HFC, xPON etc.)
VPNs
Wireless

Seguindo o modelo dos eventos anteriores, a reuni?o do GTS - Grupo de
Trabalho de Seguran?a, estar? ocorrendo conjuntamente, mas desta vez
ser? realizada no primeiro dia do evento para que o programa de
seguran?a se integre melhor com a ocorr?ncia pr?via do CeCOS IV
http://www.antiphishing.org/events/2010_opSummit.html. A chamada
espec?fica de trabalhos para a reuni?o do GTS pode ser consultada em
http://gts.nic.br/

A infra-estrutura do evento ? patrocinada pelo Comit? Gestor da
Internet no Brasil, mas h? oportunidades de patroc?nio de camisetas,
coffee-breaks e eventos sociais; detalhes de patroc?nio podem ser
encontrados em http://gter.nic.br/reunioes/como-patrocinar

Forma / Formato de Envio
------------------------
Os resumos de apresenta??es dever?o ser enviados para gter at
registro.br em formato texto no corpo do email e dever?o conter
obrigatoriamente:

 - T?tulo do Trabalho
 - Nome do(s) Apresentador(es)
 - Resumo
 - Tempo estimado

As apresenta??es devem ter dura??o m?xima de 60 minutos incluindo
tempo para perguntas e respostas.

Este material e adi??es caso sejam solicitadas, ser? utilizado como
base para aceita??o das apresenta??es pelo Comit? do Programa. As
apresenta??es finais dever?o ser enviadas em formato A4 Postscript ou
PDF.


Datas Importantes
-----------------
Limite para envio dos resumos   29/03/2010
Notifica??es dos Autores        09/04/2010
Pr?-agenda                      12/04/2010
Abertura das Inscri??es         12/04/2010


Local
-----
Blue Tree Towers Morumbi
S?o Paulo - SP


Apoio
-----
Comit? Gestor da Internet no Brasil


Organiza??o
-----------
NIC.br

-- 
 Secretaria GTER 29? Reuni?o                           <gter at registro.br>
 S?o Paulo - 14 e 15 de maio de 2010                  http://gter.nic.br/

From adriano at acmesecurity.org  Mon Mar 15 15:15:30 2010
From: adriano at acmesecurity.org (Adriano Cansian)
Date: Mon, 15 Mar 2010 15:15:30 -0300
Subject: [GTER] GTS-15 Chamada de Propostas - Sao Paulo
Message-ID: <A2BFFB67-4FDF-4BCD-BCFA-2DAB75874CC9@acmesecurity.org>


GTER - Grupo de Trabalho de Engenharia e Opera??o de Redes - 29? Reuni?o
GTS - Grupo de Trabalho em Seguran?a de Redes - 15? Reuni?o
S?o Paulo - 14 e 15 de maio de 2010
http://gter.nic.br/
http://gts.nic.br/

% Chamada de Trabalhos

O GTS - Grupo de Trabalho em Seguran?a de Redes, est? organizando sua  
15a. Reuni?o em conjunto com a 29a. Reuni?o do Grupo de Trabalho de  
Engenharia e Opera??o de Redes (GTER), nos dias 14 e 15 de MAIO de  
2010, em S?O PAULO, SP.

A reuni?o do GTS  estar? ocorrendo conjuntamente com o GTER, mas desta  
vez ser? realizada no primeiro dia do evento, para que o programa de  
seguran?a se integre melhor com a ocorr?ncia pr?via do IV CeCOS -  
Counter-eCrime Operations Summit  http://www.antiphishing.org/events/2010_opSummit.html

% Agenda:

11 a 13.05.2010: IV CeCOS (Counter-eCrime Operations Summit)
14.05.2010: GTS-15
15.05.2010: GTER-29

% PATROCINADORES:

A infra-estrutura do evento ? patrocinada pelo Comit? Gestor da  
Internet no Brasil, mas h? oportunidades de patroc?nio de camisetas,  
coffee-breaks e eventos sociais. Detalhes de patroc?nio podem ser  
encontrados em http://gter.nic.br/reunioes/como-patrocinar

% Chamada

Assim, convidamos a comunidade de profissionais de Internet no Brasil  
para o envio de propostas de apresenta??es.

O material deve tratar principalmente de aspectos pr?ticos e
operacionais da atualidade da seguran?a da Internet no pa?s. O comit? de
programa do GTS busca identificar apresenta??es que procurem
compartilhar aplica??es pr?ticas e experi?ncias de sucesso (ou fracasso)
na ?rea, envolvendo novas tecnologias de seguran?a e estudos de casos.

Segue uma lista n?o exaustiva, de sugest?es para t?picos:

* . An?lise de artefatos;
* . An?lise de risco;
* . Assinaturas digitais;
* . Combate a fraudes por computador;
* . Combate a DoS / DDoS;
* . Continuidade de neg?cios e opera??es;
* . Detec??o e prote??o de intrus?o;
* . Filtros, proxies e firewalls;
* . Per?cia e an?lise forense;
* . Pol?ticas de seguran?a;
* . Preven??o e combate ao spam;
* . Programa??o segura;
* . Recupera??o de desastres;
* . Seguran?a wireless;
* . Seguran?a de infra-estrutura;
* . Seguran?a de sistemas e redes;
* . Seguran?a de opera??o de DNS;
* . Tratamento de incidentes;
* . Outros temas de interesse da comunidade de seguran?a.


Ressalta-se que que as apresenta??es sejam aplicadas e *n?o* devem ser  
voltadas a produtos e solu??es de fornecedores espec?ficos, com fins  
comerciais, nem trabalhos que sejam com ?nfase puramente acad?mica. As  
reuni?es do GTS e do GTER buscam a pluralidade de solu??es, com ?nfase  
em "expertise", e n?o em produtos propriet?rios espec?ficos,  
excetuando-se aqueles de c?digo aberto.

A chamada espec?fica de trabalhos para a reuni?o do GTER pode ser  
consultada em http://gter.nic.br

%  Formato de Envio:

Para a reuni?o do GTS-15 as propostas dever?o ser apresentadas de  
acordo com as instru??es  dispon?veis no endere?o: http://gts.nic.br/reunioes/proposta

As apresenta??es devem ter dura??o m?xima de 50 minutos incluindo tempo
para perguntas e respostas.

Datas Importantes
-----------------
Limite para envio depropostas:  	 29/03/2010
Notifica??es dos Autores:			09/04/2010
Pr?-agenda:						12/04/2010
Abertura das Inscri??es:	         	12/04/2010

Local
-----
Blue Tree Towers Morumbi - S?o Paulo - SP

Apoio
-----
Comit? Gestor da Internet no Brasil

Organiza??o
-----------
NIC.br



From christian.oflaherty at hotmail.com  Mon Mar 15 15:36:39 2010
From: christian.oflaherty at hotmail.com (Chris O'Fla O'Flaherty)
Date: Mon, 15 Mar 2010 15:36:39 -0300
Subject: [GTER] Fellowship, NGL announcements
Message-ID: <SNT132-w379F66A2E8A08F8A6037A9E62E0@phx.gbl>



Dear Colleagues,

The Internet Society has announced that it is seeking applications for the next round of the ISOC Fellowship to the IETF  program, part of its Next Generation Leaders (NGL) programme (www.isoc.org/leaders). The Fellowship program offers engineers from developing countries fellowships that fund the cost of attending an Internet Engineering Task Force (IETF) meeting.

As you know, the IETF is the Internet's premier standards-making body, responsible for the development of protocols used in IP-based networks. IETF participants represent an international community of network designers, operators, vendors, and researchers involved in the technical operation of the Internet and the continuing evolution of Internet architecture.

Fellowships will be awarded through a competitive application process. The Internet Society is currently accepting fellowship applications for the next two IETF meetings:

  * IETF 78, 25-30 July, Maastricht, Netherlands
  * IETF 79, 7-12 November, Beijing, China

http://www.isoc.org/educpillar/fellowship/index.php

Fellowship applications for both IETF meetings are due by 16 April 2010.

Two other components of the NGL are accepting applications:

ISOC IGF Ambassadors <http://www.isoc.org/pubpolpillar/igfambassadors/>

NGL eLearning programme  <http://www.isoc.org/leaders/elearning.php>

To learn more about the NGL, and each of the three components, please visit:  www.isoc.org/leaders  Please review each component separately, including the different criteria, to help you decide which component(s) are appropriate for your professional background and future goals.

Please note that each component has a different application deadline.

I encourage you to pass information about this programme to individuals involved in your network that have a keen interest in the Internet standardisation activities of the IETF and/or in Internet governance issues.

The Internet Society?s Next Generation Leaders programme is sponsored by Nominet Trust.

The Internet Society Fellowships to the IETF are also sponsored by Afilias, Google, Microsoft, and Intel.

If you have questions, please do not hesiate to contact Connie Kendig <kendig at isoc.org>.

Kind Regards,
Connie J Kendig
ISOC

 		 	   		  
_________________________________________________________________
Navegaci?n m?s simple. Dise?o m?s liviano. Hotmail ahora carga un 70% m?s r?pido. Ver m?s
http://www.descubrewindowslive.com/hotmail/velocidad.asp  

From alfredo.dalava at gmail.com  Thu Mar 18 19:09:55 2010
From: alfredo.dalava at gmail.com (=?ISO-8859-1?Q?Alfredo_Dal=B4Ava_J=FAnior?=)
Date: Thu, 18 Mar 2010 19:09:55 -0300
Subject: [GTER] =?iso-8859-1?q?Ferramenta_gratuita_de_c=F3digo_aberto_prom?=
	=?iso-8859-1?q?ete_facilitar_migra=E7=E3o_para_IPv6?=
In-Reply-To: <e0fbdc851003181507m135ac2abv5ada2b095fcbe50c@mail.gmail.com>
References: <e0fbdc851003181507m135ac2abv5ada2b095fcbe50c@mail.gmail.com>
Message-ID: <f42d41c31003181509o795823m6c4379ee3b75d344@mail.gmail.com>

Link para AFR: https://www.isc.org/software/aftr

Fonte:http://idgnow.uol.com.br/telecom/2010/03/18/ferramenta-gratuita-de-codigo-aberto-promete-facilitar-migracao-para-ipv6/

Ferramenta gratuita de c?digo aberto promete facilitar migra??o para IPv6
Por Network World/EUA
Publicada em 18 de mar?o de 2010 ?s 17h20Software criado em parceria pelo
provedor Comcast e pelo ISC permite que profissionais de rede se
familiarizem com o novo protocolo da internet.

A provedora americana de servi?os de internet Comcast e o Internet Systems
Consortium (ISC) anunciaram nesta quinta-feira (18/3) a disponibilidade de
software de c?digo aberto que poder? ajudar operadoras e empresas a migrar
para o IPv6, atualiza??o do principal protocolo de comunica??es da internet.

O software, chamado Called Address Family Transition Router (AFTR), est?
dispon?vel imediatamente e sem custos para engenheiros de rede que quiserem
experimentar os mecanismos de transi??o para o IPv6. A vers?o 1.01
pode ser baixada
do site do ISC <https://www.isc.org/software/aftr>.

O AFTR permite que computadores, impressoras, videogames e outros aparelhos
com conex?o ? internet via IPv4 possam ser acessados a partir de uma rede
IPv6.

*Esgotamento*
A ind?stria de internet precisa de mecanismos de transi??o como o AFTR
porque a rede mundial est? prestes a esgotar suas possibilidades de
endere?amento com o protocolo atual IPv4, que usa endere?os de 32 bits -
suficientes para 4,3 bilh?es de aparelhos conectados diretamente ? rede.

Especialistas preveem que os endere?os restantes de IPv4 ser?o distribu?dos
ao longo de 2012. Em janeiro, os registradores regionais de internet
anunciaram que menos de 10% dos endere?os IPv4 permaneciam dispon?veis.

Quando os endere?os IPv4 acabarem, as operadoras e empresas precisar?o
migrar para o IPv6, que usa endere?os de 128 bits e suporta um n?mero
praticamente ilimitado de aparelhos.

*Dual Stack*
O AFTR ? a primeira implementa??o de um padr?o emergente chamado Dual Stack
Lite, que foi desenvolvido pela Comcast.

O Dual Stack Lite permite que v?rios clientes compartilhem um ?nico endere?o
IPv4 usando a tecnologia NAT (Network Address Translation), junto com
tunelamento IPv4-para-IPv6 a partir do gateway do cliente para o NAT da
operadora. O Dual Stack Lite est? em processo de padroniza??o pela Internet
Engineering Task Force (IETF), e sua aprova??o ? esperada para o fim deste
ano.

"N?s planejamos continuar a trabalhar com o ISC nesta implementa??o de
c?digo aberto", disse Richard Woundy, vice-presidente s?nior de software e
aplica??es da Comcast. "Nossa esperan?a e nossa expectativa ? que a
comunidade internet d? uma boa olhada nessa tecnologia, experimente, e nos
forne?a feedback".
 (Carolyn Duffy Marsan)

From dgfontes at gmail.com  Wed Mar 24 06:14:11 2010
From: dgfontes at gmail.com (Diego Fontes)
Date: Wed, 24 Mar 2010 06:14:11 -0300
Subject: [GTER] Cache P2P e Video
Message-ID: <d94aed711003240214r4f5f145aoe220b37635127bb0@mail.gmail.com>

Pessoal,

Estou pesquisando sobre solu??es de cache P2P e Video e verifiquei que
existem dois fabricantes principais e bem comentados na WEB: PeerApp e
OverSi.

Algu?m tem informa??es detalhadas sobre o funcionamento desses produtos,
como qual tipo de servidor e storage utilizam, o custo m?dio da solu??o,
suporte no Brasil, etc.?

Desde j?, muito obrigado...

From fabriciofx at gmail.com  Wed Mar 24 11:25:40 2010
From: fabriciofx at gmail.com (=?ISO-8859-1?Q?Fabr=EDcio_Cabral?=)
Date: Wed, 24 Mar 2010 11:25:40 -0300
Subject: [GTER] Cache P2P e Video
In-Reply-To: <d94aed711003240214r4f5f145aoe220b37635127bb0@mail.gmail.com>
References: <d94aed711003240214r4f5f145aoe220b37635127bb0@mail.gmail.com>
Message-ID: <4c2fd84e1003240725q25b3d8d0vd17a33028de3abb3@mail.gmail.com>

Ol? Diego,

j? rolaram v?rias threads por aqui na lista sobre esse assunto.
Acho valeria a pena voc? dar uma olhada no hist?rico da lista.

[]'s

--fx

2010/3/24 Diego Fontes <dgfontes at gmail.com>:
> Pessoal,
>
> Estou pesquisando sobre solu??es de cache P2P e Video e verifiquei que
> existem dois fabricantes principais e bem comentados na WEB: PeerApp e
> OverSi.
>
> Algu?m tem informa??es detalhadas sobre o funcionamento desses produtos,
> como qual tipo de servidor e storage utilizam, o custo m?dio da solu??o,
> suporte no Brasil, etc.?
>
> Desde j?, muito obrigado...
> --
> gter list ? ?https://eng.registro.br/mailman/listinfo/gter
>



-- 
--fx

From gff at wkve.com.br  Wed Mar 24 11:40:23 2010
From: gff at wkve.com.br (Guilherme de Freitas Figueiredo)
Date: Wed, 24 Mar 2010 11:40:23 -0300
Subject: [GTER] Cache P2P e Video
In-Reply-To: <d94aed711003240214r4f5f145aoe220b37635127bb0@mail.gmail.com>
References: <d94aed711003240214r4f5f145aoe220b37635127bb0@mail.gmail.com>
Message-ID: <4BAA2457.9020601@wkve.com.br>

Diego,

  Recentemente fizemos uma cota??o com o PeerAP , ? uma solu??o pelo que 
a equipe falou bastante robusta , tanto na quest?o da pr?pria solu??o de 
  cache quanto na quest?o do valor, o ultraband 5000-sp , que ? segundo 
eles para cache de um tr?fego aproximadamente de 1.2gb e com 15T de 
storage tem um pre?o bastante salgado , mas se for olhar a longo prazo, 
e o retorno que garantem, ? um investimento pago em cerca de 1 ano, sem 
contar na qualidade que o usu?rio ter? utilizando o cache, bem como a 
economia de backbone/link de internet.
  Se precisar te envio informa??es em pvt.

Diego Fontes escreveu:
> Pessoal,
> 
> Estou pesquisando sobre solu??es de cache P2P e Video e verifiquei que
> existem dois fabricantes principais e bem comentados na WEB: PeerApp e
> OverSi.
> 
> Algu?m tem informa??es detalhadas sobre o funcionamento desses produtos,
> como qual tipo de servidor e storage utilizam, o custo m?dio da solu??o,
> suporte no Brasil, etc.?
> 
> Desde j?, muito obrigado...
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter
> 

-- 
Atenciosamente,

Guilherme de Freitas Figueiredo - gff at wkve.com.br - 33.8824.0243
Ger?ncia de Redes - WKVE Telecom - http://www.wkve.com.br - 33.2102.3332
Rua Jo?o Pinheiro , 599 Loja 14 - Centro - Governador Valadares - MG

From eduardo at intron.com.br  Wed Mar 24 15:07:43 2010
From: eduardo at intron.com.br (=?ISO-8859-1?Q?Eduardo_Ascen=E7o_Reis?=)
Date: Wed, 24 Mar 2010 15:07:43 -0300
Subject: [GTER] Fwd: [c-nsp] Cisco Security Advisory: Cisco IOS Software
	Crafted TCP Packet Denial of Service Vulnerability
In-Reply-To: <201003241200.tcp@psirt.cisco.com>
References: <201003241200.tcp@psirt.cisco.com>
Message-ID: <45e3c45f1003241107w1645b96dt4f881e6980bebc33@mail.gmail.com>

---------- Forwarded message ----------
From: Cisco Systems Product Security Incident Response Team <psirt at cisco.com>
Date: 2010/3/24
Subject: [c-nsp] Cisco Security Advisory: Cisco IOS Software Crafted
TCP Packet Denial of Service Vulnerability
To: cisco-nsp at puck.nether.net
Cc: psirt at cisco.com


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco IOS Software Crafted TCP Packet Denial
of Service Vulnerability

Advisory ID: cisco-sa-20100324-tcp

Revision 1.0

For Public Release 2010 March 24 1600 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco IOS Software is affected by a denial of service vulnerability
that may allow a remote unauthenticated attacker to cause an affected
device to reload or hang. The vulnerability may be triggered by a TCP
segment containing crafted TCP options that is received during the
TCP session establishment phase. In addition to specific, crafted TCP
options, the device must have a special configuration to be affected
by this vulnerability.

Cisco has released free software updates that address this
vulnerability.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml

Note: The March 24, 2010, Cisco IOS Software Security Advisory
bundled publication includes seven Security Advisories. All the
advisories address vulnerabilities in Cisco IOS Software. Each
advisory lists the releases that correct the vulnerability or
vulnerabilities detailed in the advisory. The table at the following
URL lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on March 24, 2010, or
earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar10.html

Affected Products
=================

Vulnerable Products
+------------------

Vulnerable devices are running an affected version of Cisco IOS
Software, and are configured for any of the following:

?* A specific TCP window size
?* TCP path MTU discovery (PMTUD)
?* Stateful Network Address Translation (SNAT) with TCP as the
? ?transport protocol

Configurations Using a Specific TCP Window Size
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Devices configured to use a specific TCP receive window size for
connections originating on the device are affected by this
vulnerability. A device configured with a specific TCP receive window
size has the following command in its configuration:

? ?ip tcp window-size <window size, from 0 to 1073741823>

If the TCP window size has not been explicitly configured with the
command "ip tcp window-size <window size, from 0 to 1073741823>" then
the device is not affected by the vulnerability.

Configurations Using Path MTU Discovery
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Devices configured to use PMTUD for TCP connections originating or
terminating on the device are also affected by this vulnerability.
Different Cisco IOS Software features may allow to enable or disable
PMTUD on a per-feature basis. The following list contains features
known to enable PMTUD for TCP connections:

?* TCP over IPv4: the "ip tcp path-mtu-discovery" command enables
? ?PMTUD for all new TCP over IPv4 connections from the device. This
? ?command is disabled by default.
?* TCP over IPv6: PMTUD is enabled by default for IPV6 and cannot be
? ?disabled.
?* Border Gateway Protocol (BGP): recent versions of Cisco IOS
? ?Software (Cisco IOS Release 12.2(33)SRA, 12.2(31)SB, 12.2(33)SXH,
? ?12.4(20)T and later releases) automatically enable PMTUD for all
? ?BGP neighbor sessions when BGP is configured. Refer to:

? ?http://www.cisco.com/en/US/docs/ios/12_2sr/12_2sra/feature/guide/srbgpmtu.html

? ?for details.

Other features like generic routing encapsulation (GRE), IP-in-IP
tunneling, and Layer 2 Tunneling Protocol (L2TP) also allow the use
of PMTUD. However, these are not related to TCP services and
therefore are not affected by this vulnerability.

Configurations Using Stateful NAT with TCP as the Transport Protocol
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Devices configured to use SNAT are also affected by this
vulnerability. A device configured to use SNAT with TCP as the
transport protocol has the following commands in its configuration:

? ?ip nat Stateful id <stateful NAT ID number>
? ? ? ? redundancy <redundancy group name>
? ? ? ? ? ? ...
? ? ? ? ? ? protocol ? tcp
? ?!

Note that to be affected under an SNAT configuration scenario, the
SNAT transport protocol must be TCP. Recent versions of Cisco IOS
Software do not support the use of TCP as the SNAT transport protocol
(they only support UDP), in which case the use of SNAT does not make
a device vulnerable. SNAT is not enabled by default, and when SNAT is
configured, the default transport protocol is TCP if the Cisco IOS
Software release supports TCP as a transport protocol for SNAT.

Determining The Cisco IOS Software Version
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To determine the Cisco IOS Software release that is running on a
Cisco product, administrators can log in to the device and issue the
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name is displayed in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.

The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:

? ?Router#show version
? ?Cisco Internetwork Operating System Software IOS (tm) 2500 Software
(C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
? ?Technical Support: http://www.cisco.com/techsupport
? ?Copyright (c) 1986-2008 by cisco Systems, Inc.
? ?Compiled Mon 17-Mar-08 14:39 by dchih

? ?<output truncated>

The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.4(20)T with an installed image name of
C1841-ADVENTERPRISEK9-M:

? ?Router#show version
? ?Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M),
Version 12.4(20)T, RELEASE SOFTWARE (fc3)
? ?Technical Support: http://www.cisco.com/techsupport
? ?Copyright (c) 1986-2008 by Cisco Systems, Inc.
? ?Compiled Thu 10-Jul-08 20:25 by prod_rel_team

? ?<output truncated>

Additional information about Cisco IOS Software release naming
conventions is available in "White Paper: Cisco IOS Reference Guide"
at the following link:

http://www.cisco.com/warp/public/620/1.html

Products Confirmed Not Vulnerable
+--------------------------------

Cisco IOS XR Software is not affected.

Cisco IOS XE Software is not affected.

No other Cisco products are currently known to be affected by this
vulnerability.

Details
=======

Cisco IOS Software is affected by a denial of service vulnerability
that may allow a remote unauthenticated attacker to cause a device
reload or hang.

The vulnerability may only be triggered by a TCP segment received
during the TCP session establishment phase. The received TCP segment
must contain crafted, not malformed, TCP options. A TCP three-way
handshake does not need to be completed to exploit the vulnerability.

To be affected by this vulnerability, a device must be configured for
any of the following:

?* A specific TCP receive window size
?* PMTUD
?* SNAT with TCP as the transport protocol

Refer to the Affected Products section for additional details on
these configurations.

The vulnerability exists in the TCP options processing code of Cisco
IOS Software. When the vulnerability is triggered, Cisco IOS Software
enters an infinite loop that may cause the device to reload or hang.
The following syslog messages may indicate that this vulnerability
has been exploited:

? ?%SYS-3-CPUHOG: Task is running for (128004)msecs, more than
(2000)msecs (23/1),process = IP Input.
? ?-Traceback= 0x41CA6AC4 0x41C83170 0x41A22704 0x41F249D4 0x41A24A34 0x41B24C58
? ?%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IP Input.

This vulnerability is addressed by Cisco bug ID CSCsz75186 and has been
assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2010-0577.

BGP Considerations
~~~~~~~~~~~~~~~~~~

This vulnerability could be exploited through the BGP port (TCP port
179) if all the following conditions are met:

?* The device is configured for one or more of the features that
? ?make a device affected, as explained above. Note that in recent
? ?versions of Cisco IOS Software, configuring BGP automatically
? ?enables PMTUD for all BGP neighbor sessions.
?* The source IP address of an attack packet is the IP address of a
? ?configured BGP peer.
?* If the BGP TTL Security Hack (BTSH)/Generalized TTL Security
? ?Mechanism (GTSM) is configured, the TTL of the received attack
? ?packet is within the allowed TTL range.
?* If the BGP peering session is protected by the TCP MD5 option,
? ?the attack packet has the correct MD5 hash.

Vulnerability Scoring Details
=============================

Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding
CVSS at:

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:

http://intellishield.cisco.com/security/alertmanager/cvss

CSCsz75186 - TCP crash by watchdog timeout due to crafted TCP segment

CVSS Base Score - 7.1

Access Vector ? ? ? ? ? - Network
Access Complexity ? ? ? - Medium
Authentication ? ? ? ? ?- None
Confidentiality Impact ?- None
Integrity Impact ? ? ? ?- None
Availability Impact ? ? - Complete

CVSS Temporal Score - 5.9

Exploitability ? ? ? ? ?- Functional
Remediation Level ? ? ? - Official-Fix
Report Confidence ? ? ? - Confirmed

Impact
======

Successful exploitation of the vulnerability may cause the affected
device to reload or hang. Repeated exploitation could result in a
sustained denial of service condition. In the case of a hang, cycling
power to the device may be required to put the device back in
service.

Software Versions and Fixes
===========================

When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.

Each row of the Cisco IOS software table (below) names a Cisco IOS
release train. If a given release train is vulnerable, then the
earliest possible releases that contain the fix (along with the
anticipated date of availability for each, if applicable) are listed
in the "First Fixed Release for this Advisory" column of the table.
The "First Fixed Release for all Advisories in 24 March 2010 Bundle
Publication" column indicates the earliest possible releases which
have fixes for all the published vulnerabilities in this Cisco IOS
Security Advisory bundled publication. Cisco recommends upgrading to
the latest available release where possible.

+-------------------------------------------------------------------+
| ? Major ? ?| ? ? ? ? ? ? Availability of Repaired Releases ? ? ? ?|
| ?Release ? | ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+------------------------------------------------------|
| ?Affected ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | First Fixed Release for ?|
| 12.0-Based | ?First Fixed Release for ?| ? all Advisories in 24 ? |
| ?Releases ?| ? ? ? this Advisory ? ? ? | ? ?March 2010 Bundle ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? Publication ? ? ? ?|
|-------------------------------------------------------------------|
| There are no affected 12.0 based releases ? ? ? ? ? ? ? ? ? ? ? ? |
|-------------------------------------------------------------------|
| ?Affected ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | First Fixed Release for ?|
| 12.1-Based | ?First Fixed Release for ?| ? all Advisories in 24 ? |
| ?Releases ?| ? ? ? this Advisory ? ? ? | ? ?March 2010 Bundle ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? Publication ? ? ? ?|
|-------------------------------------------------------------------|
| There are no affected 12.1 based releases ? ? ? ? ? ? ? ? ? ? ? ? |
|-------------------------------------------------------------------|
| ?Affected ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | First Fixed Release for ?|
| 12.2-Based | ?First Fixed Release for ?| ? all Advisories in 24 ? |
| ?Releases ?| ? ? ? this Advisory ? ? ? | ? ?March 2010 Bundle ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? Publication ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.2 ? ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| any release in 15.0M or a | Vulnerable; migrate to ? |
| 12.2B ? ? ?| fixed 12.4 release. ? ? ? | any release in 15.0M or ?|
| ? ? ? ? ? ?| Releases up to and ? ? ? ?| a fixed 12.4 release. ? ?|
| ? ? ? ? ? ?| including 12.2(4)B8 are ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| not vulnerable. ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| any release in 15.0M or a | Vulnerable; migrate to ? |
| 12.2BC ? ? | fixed 12.4 release. ? ? ? | any release in 15.0M or ?|
| ? ? ? ? ? ?| Releases up to and ? ? ? ?| a fixed 12.4 release. ? ?|
| ? ? ? ? ? ?| including 12.2(4)BC1b are | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| not vulnerable. ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2BW ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; first fixed ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| in 12.4 ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2BX ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ? | any release in 15.0M or ?|
| ? ? ? ? ? ?| Releases up to and ? ? ? ?| a fixed 12.4 release. ? ?|
| ? ? ? ? ? ?| including 12.2(2)BX1 are ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| not vulnerable. ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| any release in 15.0M or a | Vulnerable; migrate to ? |
| 12.2BY ? ? | fixed 12.4 ? ? ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| release.Releases up to ? ?| a fixed 12.4 release. ? ?|
| ? ? ? ? ? ?| and including 12.2(2)BY3 ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| are not vulnerable. ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2BZ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2CX ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2CY ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.2CZ ? ? | Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| ? ? ? ? ? ?| any release in 12.2S ? ? ?| any release in 12.2SRE ? |
|------------+---------------------------+--------------------------|
| 12.2DA ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2DD ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2DX ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.2EW ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2EWA ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases up to and ? ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | including 12.2(37)EX are |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | not vulnerable. ? ? ? ? ?|
| 12.2EX ? ? | Not Vulnerable ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases 12.2(44)EX and ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | later are not ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SE ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases prior to 12.2 ? |
| 12.2EY ? ? | Not Vulnerable ? ? ? ? ? ?| (37)EY are vulnerable, ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | release 12.2(37)EY and ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | later are not vulnerable |
|------------+---------------------------+--------------------------|
| 12.2EZ ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2FX ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2FY ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2FZ ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2IRA ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SRC ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2IRB ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SRC ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IRC ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IRD ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXA ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXB ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXC ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXD ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXE ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXF ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXG ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2IXH ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Releases up to and ? ? ? ?| Releases up to and ? ? ? |
| 12.2JA ? ? | including 12.2(4)JA1 are ?| including 12.2(4)JA1 are |
| ? ? ? ? ? ?| not vulnerable. ? ? ? ? ? | not vulnerable. ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2JK ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.2MB ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; first fixed ?|
| 12.2MC ? ? | any release in 15.0M or a | in 12.4 ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.2MRA ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases prior to 12.2 ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | (30)S are vulnerable, ? ?|
| 12.2S ? ? ?| Not Vulnerable ? ? ? ? ? ?| release 12.2(30)S and ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | later are not ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | vulnerable; ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 12.2(33)SB8 ? ? ? ? ? ? ?|
| 12.2SB ? ? | Not Vulnerable ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 12.2(31)SB18; Available ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | on 24-MAR-10 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SBC ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; migrate to ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | any release in 12.2SRE ? |
|------------+---------------------------+--------------------------|
| 12.2SCA ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SCB ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SCB ? ?| Not Vulnerable ? ? ? ? ? ?| 12.2(33)SCB6 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SCC ? ?| Not Vulnerable ? ? ? ? ? ?| 12.2(33)SCC1 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SCD ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SE ? ? | Not Vulnerable ? ? ? ? ? ?| 12.2(50)SE4; Available ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | on 25-MAR-10 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SEA ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SEB ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SEC ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SED ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SE ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.2SEE ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SE ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.2SEF ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases prior to 12.2 ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | (25)SEG4 are vulnerable, |
| 12.2SEG ? ?| Not Vulnerable ? ? ? ? ? ?| release 12.2(25)SEG4 and |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | later are not ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SE ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases up to 12.2(31) ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | SG1 are not vulnerable; ?|
| 12.2SG ? ? | Not Vulnerable ? ? ? ? ? ?| releases 12.2(40)SG and ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | later are not ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | vulnerable. ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.2SGA ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SL ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SM ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2SO ? ? | Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| 12.2SQ ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SRA ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SRD ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SRB ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SRD ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SRC ? ?| Not Vulnerable ? ? ? ? ? ?| 12.2(33)SRC5 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SRD ? ?| Not Vulnerable ? ? ? ? ? ?| 12.2(33)SRD3 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SRE ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2STE ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2SU ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases up to and ? ? ? |
| 12.2SV ? ? | Not Vulnerable ? ? ? ? ? ?| including 12.2(18)SV2 ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | are not vulnerable. ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2SVA ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2SVC ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2SVD ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2SVE ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases up to and ? ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | including 12.2(25)SW3 ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | are not vulnerable. ? ? ?|
| 12.2SW ? ? | Not Vulnerable ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases 12.2(25)SW12 ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | and later are not ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 15.0M ? ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SX ? ? | Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SXF ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SXA ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SXF ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SXB ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SXF ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SXD ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SXF ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SXE ? ?| Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SXF ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SXF ? ?| Not Vulnerable ? ? ? ? ? ?| 12.2(18)SXF17a ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SXH ? ?| Not Vulnerable ? ? ? ? ? ?| 12.2(33)SXH6 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 12.2(33)SXI2a ? ? ? ? ? ?|
| 12.2SXI ? ?| Not Vulnerable ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 12.2(33)SXI3 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2SY ? ? | Not Vulnerable ? ? ? ? ? ?| Vulnerable; migrate to ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | any release in 12.2SRE ? |
|------------+---------------------------+--------------------------|
| 12.2SZ ? ? | Not Vulnerable ? ? ? ? ? ?| Vulnerable; migrate to ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | any release in 12.2SRE ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| any release in 15.0M or a | Vulnerable; migrate to ? |
| 12.2T ? ? ?| fixed 12.4 ? ? ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| release.Releases up to ? ?| a fixed 12.4 release. ? ?|
| ? ? ? ? ? ?| and including 12.2(4)T7 ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| are not vulnerable. ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2TPC ? ?| the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XA ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XB ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XC ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XD ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.2XE ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XF ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XG ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XH ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XI ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2XJ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2XK ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2XL ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2XM ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Releases prior to 12.2 ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | (33)XN1 are vulnerable, ?|
| 12.2XN ? ? | Not Vulnerable ? ? ? ? ? ?| release 12.2(33)XN1 and ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | later are not ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SRC ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2XNA ? ?| Please see Cisco IOS-XE ? | Please see Cisco IOS-XE ?|
| ? ? ? ? ? ?| Software Availability ? ? | Software Availability ? ?|
|------------+---------------------------+--------------------------|
| 12.2XNB ? ?| Please see Cisco IOS-XE ? | Please see Cisco IOS-XE ?|
| ? ? ? ? ? ?| Software Availability ? ? | Software Availability ? ?|
|------------+---------------------------+--------------------------|
| 12.2XNC ? ?| Please see Cisco IOS-XE ? | Please see Cisco IOS-XE ?|
| ? ? ? ? ? ?| Software Availability ? ? | Software Availability ? ?|
|------------+---------------------------+--------------------------|
| 12.2XND ? ?| Please see Cisco IOS-XE ? | Please see Cisco IOS-XE ?|
| ? ? ? ? ? ?| Software Availability ? ? | Software Availability ? ?|
|------------+---------------------------+--------------------------|
| 12.2XNE ? ?| Please see Cisco IOS-XE ? | Please see Cisco IOS-XE ?|
| ? ? ? ? ? ?| Software Availability ? ? | Software Availability ? ?|
|------------+---------------------------+--------------------------|
| 12.2XNF ? ?| Please see Cisco IOS-XE ? | Please see Cisco IOS-XE ?|
| ? ? ? ? ? ?| Software Availability ? ? | Software Availability ? ?|
|------------+---------------------------+--------------------------|
| 12.2XO ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XQ ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| any release in 15.0M or a | Vulnerable; migrate to ? |
| 12.2XR ? ? | fixed 12.4 ? ? ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| release.Releases up to ? ?| a fixed 12.4 release. ? ?|
| ? ? ? ? ? ?| and including 12.2(4)XR ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| are not vulnerable. ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.2XS ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XT ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XU ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; migrate to ? |
| 12.2XV ? ? | Not Vulnerable ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2XW ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2YA ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YB ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2YC ? ? | Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YD ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| 12.2YE ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YF ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YG ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YH ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YJ ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| 12.2YK ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YL ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2YM ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YN ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2YO ? ? | Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| any release in 15.0M or a | Vulnerable; migrate to ? |
| 12.2YP ? ? | fixed 12.4 ? ? ? ? ? ? ? ?| any release in 15.0M or ?|
| ? ? ? ? ? ?| release.Releases up to ? ?| a fixed 12.4 release. ? ?|
| ? ? ? ? ? ?| and including 12.2(8)YP ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| are not vulnerable. ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YQ ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YR ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| 12.2YS ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YT ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YU ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YV ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YW ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2YX ? ? | Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2YY ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2YZ ? ? | Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| 12.2ZA ? ? | Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SXF ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2ZB ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2ZC ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2ZD ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2ZE ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2ZF ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2ZG ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.2ZH ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2ZJ ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2ZL ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.2ZP ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| 12.2ZU ? ? | Not Vulnerable ? ? ? ? ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | in 12.2SXH ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| 12.2ZX ? ? | Not Vulnerable ? ? ? ? ? ?| Vulnerable; migrate to ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | any release in 12.2SRE ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2ZY ? ? | Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.2ZYA ? ?| Not Vulnerable ? ? ? ? ? ?| the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ?Affected ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | First Fixed Release for ?|
| 12.3-Based | ?First Fixed Release for ?| ? all Advisories in 24 ? |
| ?Releases ?| ? ? ? this Advisory ? ? ? | ? ?March 2010 Bundle ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? Publication ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3 ? ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3B ? ? ?| any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.3BC ? ? | Vulnerable; migrate to ? ?| Vulnerable; first fixed ?|
| ? ? ? ? ? ?| any release in 12.2SCB ? ?| in 12.2SCB ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3BW ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.3EU ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Releases prior to 12.3 ? |
| ? ? ? ? ? ?| support organization per ?| (11)JA5 are vulnerable, ?|
| 12.3JA ? ? | the instructions in ? ? ? | release 12.3(11)JA5 and ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| later are not vulnerable |
| ? ? ? ? ? ?| section of this advisory ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Releases prior to 12.3 ? |
| ? ? ? ? ? ?| support organization per ?| (8)JEA4 are vulnerable, ?|
| 12.3JEA ? ?| the instructions in ? ? ? | release 12.3(8)JEA4 and ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| later are not vulnerable |
| ? ? ? ? ? ?| section of this advisory ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Releases prior to 12.3 ? |
| ? ? ? ? ? ?| support organization per ?| (8)JEB2 are vulnerable, ?|
| 12.3JEB ? ?| the instructions in ? ? ? | release 12.3(8)JEB2 and ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| later are not vulnerable |
| ? ? ? ? ? ?| section of this advisory ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3JEC ? ?| the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3JED ? ?| the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3JK ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3JL ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3JX ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3T ? ? ?| any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3TPC ? ?| the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| 12.3VA ? ? | Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XA ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3XB ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XC ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XD ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; first fixed ?|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| in 12.4 ? ? ? ? ? ? ? ? ?|
| 12.3XE ? ? | any release in 15.0M or a | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | Vulnerable; migrate to ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | any release in 15.0M or ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3XF ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XG ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Note: Releases prior to ? | Releases prior to 12.3 ? |
| ? ? ? ? ? ?| 12.3(7)XI11 are ? ? ? ? ? | (7)XI11 are vulnerable, ?|
| 12.3XI ? ? | vulnerable, release 12.3 ?| release 12.3(7)XI11 and ?|
| ? ? ? ? ? ?| (7)XI11 and later are not | later are not vulnerable |
| ? ? ? ? ? ?| vulnerable; ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.3XJ ? ? | Vulnerable; first fixed ? | Vulnerable; first fixed ?|
| ? ? ? ? ? ?| in 12.4XR ? ? ? ? ? ? ? ? | in 12.4XR ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XK ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XL ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XQ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XR ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XS ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XU ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.3XW ? ? | Vulnerable; first fixed ? | Vulnerable; first fixed ?|
| ? ? ? ? ? ?| in 12.4XR ? ? ? ? ? ? ? ? | in 12.4XR ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XX ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XY ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3XZ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YA ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4 release. ? ? ? | a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YD ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.3YF ? ? | Vulnerable; first fixed ? | Vulnerable; first fixed ?|
| ? ? ? ? ? ?| in 12.4XR ? ? ? ? ? ? ? ? | in 12.4XR ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YG ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YH ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YI ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YJ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YK ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YM ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YQ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YS ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YT ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3YU ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.3YX ? ? | Vulnerable; first fixed ? | Vulnerable; first fixed ?|
| ? ? ? ? ? ?| in 12.4XR ? ? ? ? ? ? ? ? | in 12.4XR ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.3YZ ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.3ZA ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ?Affected ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | First Fixed Release for ?|
| 12.4-Based | ?First Fixed Release for ?| ? all Advisories in 24 ? |
| ?Releases ?| ? ? ? this Advisory ? ? ? | ? ?March 2010 Bundle ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? Publication ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| 12.4(25c) ? ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 12.4(25c) ? ? ? ? ? ? ? ?|
| 12.4 ? ? ? | 15.0(1)M1 ? ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 15.0(1)M1 ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| 15.0(1)M2 ; Available on ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| 26-MAR-10 ? ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4GC ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4JA ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4JDA ? ?| the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4JDC ? ?| the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| 12.4(10b)JDD1 ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| 12.4JDD ? ?| support organization per ?| 12.4(10b)JDD1 ? ? ? ? ? ?|
| ? ? ? ? ? ?| the instructions in ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| section of this advisory ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.4JHA ? ?| Not Vulnerable ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4JK ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4JL ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Releases prior to 12.4 ? |
| ? ? ? ? ? ?| support organization per ?| (3g)JMA2 are vulnerable, |
| 12.4JMA ? ?| the instructions in ? ? ? | release 12.4(3g)JMA2 and |
| ? ? ? ? ? ?| Obtaining Fixed Software ?| later are not vulnerable |
| ? ? ? ? ? ?| section of this advisory ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4JMB ? ?| the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| 12.4JX ? ? | Vulnerable; first fixed ? | Vulnerable; first fixed ?|
| ? ? ? ? ? ?| in 12.4JA ? ? ? ? ? ? ? ? | in 12.4JA ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| 12.4(11)MD10 ? ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| 12.4MD ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ? | 12.4(24)MD ? ? ? ? ? ? ? |
| ? ? ? ? ? ?| 12.4(15)MD4 12.4(24)MD ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| 12.4MDA ? ?| 12.4(22)MDA2 ? ? ? ? ? ? ?| 12.4(22)MDA2 ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4MR ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4SW ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| 12.4(22)T3 ? ? ? ? ? ? ? ?| 12.4(15)T12 ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| 12.4(20)T4 ? ? ? ? ? ? ? ?| 12.4(20)T5 ? ? ? ? ? ? ? |
| 12.4T ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| 12.4(15)T10 ? ? ? ? ? ? ? | 12.4(24)T3; Available on |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 26-MAR-10 ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| 12.4(24)T2 ? ? ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | 12.4(22)T4 ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XA ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XB ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XC ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XD ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XE ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XF ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XG ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XJ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XK ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4XL ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XM ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4XN ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4XP ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XQ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| 12.4XR ? ? | 12.4(22)XR3 ? ? ? ? ? ? ? | 12.4(22)XR3 ? ? ? ? ? ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XT ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4XV ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XW ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XY ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4XZ ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; migrate to ? ?| Vulnerable; migrate to ? |
| 12.4YA ? ? | any release in 15.0M or a | any release in 15.0M or ?|
| ? ? ? ? ? ?| fixed 12.4T release. ? ? ?| a fixed 12.4 release. ? ?|
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Vulnerable; Contact your |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | support organization per |
| 12.4YB ? ? | 12.4(22)YB5 ? ? ? ? ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | Obtaining Fixed Software |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4YD ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| 12.4(22)YE2 ? ? ? ? ? ? ? | 12.4(22)YE2 ? ? ? ? ? ? ?|
| 12.4YE ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? ? ? ? ? ? ? ? ? ? ?|
| ? ? ? ? ? ?| 12.4(24)YE ? ? ? ? ? ? ? ?| 12.4(24)YE ? ? ? ? ? ? ? |
|------------+---------------------------+--------------------------|
| ? ? ? ? ? ?| Vulnerable; Contact your ?| Vulnerable; Contact your |
| ? ? ? ? ? ?| support organization per ?| support organization per |
| 12.4YG ? ? | the instructions in ? ? ? | the instructions in ? ? ?|
| ? ? ? ? ? ?| Obtaining Fixed Software ?| Obtaining Fixed Software |
| ? ? ? ? ? ?| section of this advisory ?| section of this advisory |
|------------+---------------------------+--------------------------|
| ?Affected ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | First Fixed Release for ?|
| 15.0-Based | ?First Fixed Release for ?| ? all Advisories in 24 ? |
| ?Releases ?| ? ? ? this Advisory ? ? ? | ? ?March 2010 Bundle ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? Publication ? ? ? ?|
|-------------------------------------------------------------------|
| There are no affected 15.0 based releases ? ? ? ? ? ? ? ? ? ? ? ? |
|-------------------------------------------------------------------|
| ?Affected ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | First Fixed Release for ?|
| 15.1-Based | ?First Fixed Release for ?| ? all Advisories in 24 ? |
| ?Releases ?| ? ? ? this Advisory ? ? ? | ? ?March 2010 Bundle ? ? |
| ? ? ? ? ? ?| ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ? ? Publication ? ? ? ?|
|-------------------------------------------------------------------|
| There are no affected 15.1 based releases ? ? ? ? ? ? ? ? ? ? ? ? |
+-------------------------------------------------------------------+

Cisco IOS-XE Software
+--------------------

+-------------------------------------------------------------------+
| ? ? ? IOS-XE Release ? ? ? | ? ? ? ? First Fixed Release ? ? ? ? ?|
|----------------------------+--------------------------------------|
| 2.1.x ? ? ? ? ? ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? ? ? ? ? ? ? |
|----------------------------+--------------------------------------|
| 2.2.x ? ? ? ? ? ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? ? ? ? ? ? ? |
|----------------------------+--------------------------------------|
| 2.3.x ? ? ? ? ? ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? ? ? ? ? ? ? |
|----------------------------+--------------------------------------|
| 2.4.x ? ? ? ? ? ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? ? ? ? ? ? ? |
|----------------------------+--------------------------------------|
| 2.5.x ? ? ? ? ? ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? ? ? ? ? ? ? |
|----------------------------+--------------------------------------|
| 2.6.x ? ? ? ? ? ? ? ? ? ? ?| Not Vulnerable ? ? ? ? ? ? ? ? ? ? ? |
+-------------------------------------------------------------------+

Workarounds
===========

There are no workarounds to mitigate this vulnerability other than
disabling the specific features that make a device vulnerable, if
feasible.

Additionally, allowing only legitimate devices to connect to affected
devices will help limit exposure to this vulnerability. Refer to the
Control Plane Policing and Configuring Infrastructure Access Lists
(iACLs) subsections below for further details. Since a TCP three-way
handshake is not required, to increase effectiveness, the mitigation
must be coupled with anti-spoofing measures on the network edge.

Specific mitigations for BGP are discussed below in the BGP
Considerations subsection.

Additional mitigations that can be deployed on Cisco devices within
the network are available in the companion document "Cisco Applied
Mitigation Bulletin: Identifying and Mitigating Exploitation of the
Cisco IOS Software Crafted TCP Packet Denial of Service
Vulnerability", which is available at the following location:

http://www.cisco.com/warp/public/707/cisco-amb-20100324-tcp.shtml

Configurations Using a Specific TCP Window Size
+----------------------------------------------

Not setting a specific TCP receive window size can be accomplished by
removing the "ip tcp window-size" command from the configuration.

Configurations Using Path MTU Discovery
+--------------------------------------

PMTUD may be disabled in some of the Cisco IOS Software features that
make use of PMTUD. The specific command to use to disable PMTUD
varies depending on the specific feature:

?* TCP over IPv4: removing the "ip tcp path-mtu-discovery" command
? ?from the configuration will disable PMTUD for TCP over IPv4
? ?sessions that originate on the device.
?* TCP over IPv6: PMTUD is enabled by default for IPV6 and cannot be
? ?disabled.
?* BGP: if BGP is configured on a recent version of Cisco IOS
? ?Software that enables PMTUD for BGP sessions, PMTUD can be
? ?disabled for all BGP sessions with the "no bgp transport
? ?path-mtu-discovery" command in router configuration mode (Cisco
? ?IOS Release 12.2(33)SRA, 12.2(31)SB, 12.2(33)SXH, 12.4(20)T, and
? ?later releases).

Configurations Using Stateful NAT with TCP as the Transport Protocol
+-------------------------------------------------------------------

SNAT can be disabled by removing the "ip nat Stateful id" command from
the configuration.

Control Plane Policing
+---------------------

For devices that need to offer TCP services, it is possible to use
Control Plane Policing (CoPP) to block TCP traffic to the device from
untrusted sources. Cisco IOS Releases 12.0S, 12.2SX, 12.2S, 12.3T,
12.4, and 12.4T support the CoPP feature. CoPP may be configured on a
device to protect the management and control planes to minimize the
risk and effectiveness of direct infrastructure attacks by explicitly
permitting only authorized traffic sent to infrastructure devices in
accordance with existing security policies and configurations. The
following example can be adapted to specific network configurations:

? ?!-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted.
? ?!-- Everything else is not trusted. The following access list is used
? ?!-- to determine what traffic needs to be dropped by a control plane
? ?!-- policy (the CoPP feature.) If the access list matches (permit)
? ?!-- then traffic will be dropped and if the access list does not
? ?!-- match (deny) then traffic will be processed by the router.
? ?!-- Note that TCP ports 22 and 23 are just examples; this configuration
? ?!-- needs to be expanded to include all used TCP ports.

? ?access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 22
? ?access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 23
? ?access-list 100 deny tcp host 172.16.1.1 any eq 22
? ?access-list 100 deny tcp host 172.16.1.1 any eq 23
? ?access-list 100 permit tcp any any

? ?!-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4
? ?!-- traffic in accordance with existing security policies and
? ?!-- configurations for traffic that is authorized to be sent
? ?!-- to infrastructure devices.
? ?!-- Create a Class-Map for traffic to be policed by
? ?!-- the CoPP feature.

? ?class-map match-all drop-tcp-class
? ? ?match access-group 100

? ?!-- Create a Policy-Map that will be applied to the
? ?!-- Control-Plane of the device, and add the "drop-tcp-traffic"
? ?!-- class map.

? ?policy-map control-plane-policy
? ? class drop-tcp-class
? ? ?drop

? ?!-- Apply the Policy-Map to the Control-Plane of the
? ?!-- device.

? ?control-plane
? ? service-policy input control-plane-policy

Warning: Because a TCP three-way handshake is not required to
exploit this vulnerability, it is possible to easily spoof the IP
address of the sender, which may defeat access control lists (ACLs)
that permit communication to these ports from trusted IP addresses.

In the above CoPP example, the access control entries (ACEs) that
match the potential exploit packets with the "permit" action result
in these packets being discarded by the policy-map "drop" function,
while packets that match the "deny" action (not shown) are not
affected by the policy-map drop function. Additional information on
the configuration and use of the CoPP feature can be found at:

http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html

Configuring Infrastructure Access Lists (iACLs)
+----------------------------------------------

Although it is often difficult to block traffic transiting your
network, it is possible to identify traffic that should never be
allowed to target your infrastructure devices and block that traffic
at the border of your network. Infrastructure ACLs are considered a
network security best practice and should be considered as a
long-term addition to good network security as well as a workaround
for this specific vulnerability. The white paper entitled "Protecting
Your Core: Infrastructure Protection Access Control Lists" presents
guidelines and recommended deployment techniques for infrastructure
protection ACLs:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml

BGP Considerations
+-----------------

BTSH/GTSM can help prevent exploitation of this vulnerability via the
BGP port because packets coming from devices that do not pass the TTL
check configured via BTSH are dropped before any TCP processing takes
place. For information on BTSH refer to:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_btsh.html

MD5 authentication for BGP peering sessions can also help prevent
exploitation via the BGP port because the MD5 hash in an attack
packet is checked before processing the crafted TCP option. For a
detailed discussion on how to configure BGP, refer to the following
document:

http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1cbgp.html

Obtaining Fixed Software
========================

Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.

Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:

http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html

or as otherwise set forth at Cisco.com Downloads at:

http://www.cisco.com/public/sw-center/sw-usingswc.shtml

Do not contact psirt at cisco.com or security-alert at cisco.com for
software upgrades.

Customers with Service Contracts
+-------------------------------

Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.

Customers using Third Party Support Organizations
+------------------------------------------------

Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.

The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.

Customers without Service Contracts
+----------------------------------

Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.

?* +1 800 553 2447 (toll free from within North America)
?* +1 408 526 7209 (toll call from anywhere in the world)
?* e-mail: tac at cisco.com

Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.

Refer to:

http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html

for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.

Exploitation and Public Announcements
=====================================

The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.

This vulnerability was discovered during the resolution of customer
service requests.

Status of this Notice: FINAL
============================

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.

A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.

Distribution
============

This advisory is posted on Cisco's worldwide website at:

http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml

In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.

?* cust-security-announce at cisco.com
?* first-bulletins at lists.first.org
?* bugtraq at securityfocus.com
?* vulnwatch at vulnwatch.org
?* cisco at spot.colorado.edu
?* cisco-nsp at puck.nether.net
?* full-disclosure at lists.grok.org.uk
?* comp.dcom.sys.cisco at newsgate.cisco.com

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+-------------------------------------------------------------------+
| Revision 1.0 ? ?| 2010-March-24 ? ?| Initial public release ? ? ? |
+-------------------------------------------------------------------+

Cisco Security Procedures
=========================

Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at:

http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----

iD8DBQFLqO4X86n/Gc8U/uARAkFHAJ9A2DAYpZ29R/g1lNhUM76w5ap2gQCeMbpw
ThV53uGf+JfVBR8psJb8Rkc=
=Rdao
-----END PGP SIGNATURE-----
_______________________________________________
cisco-nsp mailing list ?cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



-- 

Eduardo Ascen?o Reis

From eduardo at intron.com.br  Thu Mar 25 13:49:54 2010
From: eduardo at intron.com.br (=?ISO-8859-1?Q?Eduardo_Ascen=E7o_Reis?=)
Date: Thu, 25 Mar 2010 13:49:54 -0300
Subject: [GTER] Fwd: [Fellowalumni] IPv6 Panel at IETF 77 - presentations
	and audio archive
In-Reply-To: <97F1BADEC98B48E3AB43F2A199F779FA@ISOC.local>
References: <97F1BADEC98B48E3AB43F2A199F779FA@ISOC.local>
Message-ID: <45e3c45f1003250949j206d5808gad693d6680ea8ca2@mail.gmail.com>

---------- Forwarded message ----------

Hi All,

Just want to let you know that at
http://www.isoc.org/isoc/conferences/ipv6momentum/ you can now access
the presentations and audio archive of the IPv6 Panel -- "IPv6: Are we
there yet?" -- that took place at the IETF 77 meeting in Anaheim on
Tuesday, 23 March.

Panelists:

+ Leslie Daigle, Internet Society

+ Geoff Huston, APNIC

+ Jason Livingood, Comcast

+ David Temkin, Netflix

+ Magnus Westerlund, Ericsson Research


Kind regards,

Leni Nazare
Administrative Assistant
Internet Society

-- 

Eduardo Ascen?o Reis

From eascenco at nic.br  Sun Mar 28 05:48:27 2010
From: eascenco at nic.br (Eduardo Ascenco Reis)
Date: Sun, 28 Mar 2010 05:48:27 -0300
Subject: [GTER] IETF 77 Plenary - The Rapid Consolidation of Internet
 Content and Privacy Diffusion
Message-ID: <4BAF17DB.7050900@nic.br>

Caros Colegas,

Segue abaixo as refer?ncias de duas apresenta??es interessantes feitas 
na plen?ria da reuni?o 77 do IETF:

Internet Traffic and Content Consolidation
Craig Labovitz
Chief Scientist, Arbor Networks
http://www.ietf.org/proceedings/10mar/slides/plenaryt-4.pdf

Privacy Leakage on the Internet
Balachander Krishnamurthy
AT&T Labs?Research
http://www.ietf.org/proceedings/10mar/slides/plenaryt-5.pdf

Abra?os,

-- 

Eduardo Ascen?o Reis

NIC.br - http://nic.br/

From paulo.rddck at bsd.com.br  Sat Mar 27 13:14:49 2010
From: paulo.rddck at bsd.com.br (Paulo Henrique)
Date: Sat, 27 Mar 2010 13:14:49 -0300
Subject: [GTER] =?iso-8859-1?q?Sugest=E3o_quanto_a_garantia_de_servicos=2C?=
	=?iso-8859-1?q?_comparando_Linux_X_BSDs_X_Soluc=F5es_dedicadas_=28?=
	=?iso-8859-1?q?_CISCO=2C_JUNNIPER_=29?=
Message-ID: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>

Ola a todos da lista muito raramente escrevo para lista, contudo, atualmente
gostaria de mais opni?es quanto a uma situac?o que est? comecando a ser
presenciada por mim na empresa que trabalho.

Devido a demanda, gostaria de saber a opni?o dos senhores quanto a
custo/beneficio tanto por parte de implementac?o quanto operac?o (considerar
m?o de obra ) sobre o seguinte cen?rio.

Roteamento com BGP qual o real custo quanto as seguintes soluc?es.

Implementac?o em FreeBSD/OpenBSD.
Implementac?o em GNU/Linux Slackware.
Implementac?o em IOS ou JunOS.

Enfileiramente de pacotes:

Implementac?o em FreeBSD/OpenBSD.
Implementac?o em GNU/Linux.
Implementac?o em IOS ou JunOS.

No caso o que seria mais viavel mantendo uma qualidade de servico
satisfatoria.
Sem considerar quanto a praticidade de utilizac?o, contudo considerando
seguranca, estabilidade e disponibilidade.

Quanto ao hardware com excess?o de IOS e JunOS os demais trabalhar? sobre
X86-64 com grande quantidade de memoria e interfaces Gigabit.

Outro fator  que influ?ncia pois sou administrador de sistemas tanto
FreeBSD/OpenBSD entao quanto a soluc?o BSDs o custo de implementac?o sera
absolvido internamente na empresa, o que n?o ocorre nos demais casos.

Executei v?rios calculos contudo sobresaem sempre soluc?o baseada em BSDs,
alguma opni?o diferente.

Sem mais, o fato de n?o ter cedilha ? devido a falha do firefox quanto ao
layout do teclado.



-- 
:=)>Paulo Henrique (JSRD)<(=:

Alone,  locked, a survivor, unfortunately not know who I am

From jarruda-gter at jarruda.com  Sun Mar 28 13:14:53 2010
From: jarruda-gter at jarruda.com (Julio Arruda)
Date: Sun, 28 Mar 2010 12:14:53 -0400
Subject: [GTER]
 =?iso-8859-1?q?Sugest=E3o_quanto_a_garantia_de_servicos=2C?=
 =?iso-8859-1?q?_comparando_Linux_X_BSDs_X_Soluc=F5es_dedicadas_=28_CISCO?=
 =?iso-8859-1?q?=2C_JUNNIPER_=29?=
In-Reply-To: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
Message-ID: <9B0D4A14-E8E2-4517-8EB9-378BC81C4A68@jarruda.com>

Uma notas..
Suportabilidade de uma solucao nao pode ser baseado em uma pessoa somente..
Tem que ser baseado em mais de uma pessoa tendo expertise, e tem que ter em conta ferias, turnover e etc..
No mercado onde trabalho, tambem e' importante capacidade de resistir a DDoS, e capacidade de prover telemetria..



On Mar 27, 2010, at 12:14 PM, Paulo Henrique wrote:

> Ola a todos da lista muito raramente escrevo para lista, contudo, atualmente
> gostaria de mais opni?es quanto a uma situac?o que est? comecando a ser
> presenciada por mim na empresa que trabalho.
> 
> Devido a demanda, gostaria de saber a opni?o dos senhores quanto a
> custo/beneficio tanto por parte de implementac?o quanto operac?o (considerar
> m?o de obra ) sobre o seguinte cen?rio.
> 
> Roteamento com BGP qual o real custo quanto as seguintes soluc?es.
> 
> Implementac?o em FreeBSD/OpenBSD.
> Implementac?o em GNU/Linux Slackware.
> Implementac?o em IOS ou JunOS.
> 
> Enfileiramente de pacotes:
> 
> Implementac?o em FreeBSD/OpenBSD.
> Implementac?o em GNU/Linux.
> Implementac?o em IOS ou JunOS.
> 
> No caso o que seria mais viavel mantendo uma qualidade de servico
> satisfatoria.
> Sem considerar quanto a praticidade de utilizac?o, contudo considerando
> seguranca, estabilidade e disponibilidade.
> 
> Quanto ao hardware com excess?o de IOS e JunOS os demais trabalhar? sobre
> X86-64 com grande quantidade de memoria e interfaces Gigabit.
> 
> Outro fator  que influ?ncia pois sou administrador de sistemas tanto
> FreeBSD/OpenBSD entao quanto a soluc?o BSDs o custo de implementac?o sera
> absolvido internamente na empresa, o que n?o ocorre nos demais casos.
> 
> Executei v?rios calculos contudo sobresaem sempre soluc?o baseada em BSDs,
> alguma opni?o diferente.
> 
> Sem mais, o fato de n?o ter cedilha ? devido a falha do firefox quanto ao
> layout do teclado.
> 
> 
> 
> -- 
> :=)>Paulo Henrique (JSRD)<(=:
> 
> Alone,  locked, a survivor, unfortunately not know who I am
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter


From antoniocarlospina at gmail.com  Sun Mar 28 15:00:31 2010
From: antoniocarlospina at gmail.com (Antonio Carlos Pina)
Date: Sun, 28 Mar 2010 15:00:31 -0300
Subject: [GTER]
 =?utf-8?q?Sugest=C3=A3o_quanto_a_garantia_de_servicos=2C_c?=
 =?utf-8?q?omparando_Linux_X_BSDs_X_Soluc=C3=B5es_dedicadas_=28_CISCO=2C_J?=
 =?utf-8?q?UNNIPER_=29?=
In-Reply-To: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
Message-ID: <26E222E4-9D86-46EE-8CBA-F6346BF1DAD9@gmail.com>

Banda e pacotes por segundo (principalmente!) ser?o sua limita??o.

Abs
Antonio Carlos Pina
Diretor de Tecnologia
http://www.alog.com.br

Enviado via ALOG Exchange Mobile

On 27/03/2010, at 13:14, Paulo Henrique <paulo.rddck at bsd.com.br> wrote:

> Ola a todos da lista muito raramente escrevo para lista, contudo,  
> atualmente
> gostaria de mais opni?es quanto a uma situac?o que est? comecando  
> a ser
> presenciada por mim na empresa que trabalho.
>
> Devido a demanda, gostaria de saber a opni?o dos senhores quanto a
> custo/beneficio tanto por parte de implementac?o quanto operac?o (co 
> nsiderar
> m?o de obra ) sobre o seguinte cen?rio.
>
> Roteamento com BGP qual o real custo quanto as seguintes soluc?es.
>
> Implementac?o em FreeBSD/OpenBSD.
> Implementac?o em GNU/Linux Slackware.
> Implementac?o em IOS ou JunOS.
>
> Enfileiramente de pacotes:
>
> Implementac?o em FreeBSD/OpenBSD.
> Implementac?o em GNU/Linux.
> Implementac?o em IOS ou JunOS.
>
> No caso o que seria mais viavel mantendo uma qualidade de servico
> satisfatoria.
> Sem considerar quanto a praticidade de utilizac?o, contudo considera 
> ndo
> seguranca, estabilidade e disponibilidade.
>
> Quanto ao hardware com excess?o de IOS e JunOS os demais trabalhar?  
> sobre
> X86-64 com grande quantidade de memoria e interfaces Gigabit.
>
> Outro fator  que influ?ncia pois sou administrador de sistemas tanto
> FreeBSD/OpenBSD entao quanto a soluc?o BSDs o custo de implementac?o 
>  sera
> absolvido internamente na empresa, o que n?o ocorre nos demais casos.
>
> Executei v?rios calculos contudo sobresaem sempre soluc?o baseada em 
>  BSDs,
> alguma opni?o diferente.
>
> Sem mais, o fato de n?o ter cedilha ? devido a falha do firefox quan 
> to ao
> layout do teclado.
>
>
>
> -- 
> :=)>Paulo Henrique (JSRD)<(=:
>
> Alone,  locked, a survivor, unfortunately not know who I am
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter

From henrique.holschuh at ima.sp.gov.br  Mon Mar 29 09:29:31 2010
From: henrique.holschuh at ima.sp.gov.br (Henrique de Moraes Holschuh)
Date: Mon, 29 Mar 2010 09:29:31 -0300
Subject: [GTER]
 =?iso-8859-1?q?Sugest=E3o_quanto_a_garantia_de_servicos=2C?=
 =?iso-8859-1?q?_comparando_Linux_X_BSDs_X_Soluc=F5es_dedicadas_=28_CISCO?=
 =?iso-8859-1?q?=2C_JUNNIPER_=29?=
In-Reply-To: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
Message-ID: <4BB09D2B.5040903@ima.sp.gov.br>

Paulo Henrique wrote:
> Devido a demanda, gostaria de saber a opni?o dos senhores quanto a
> custo/beneficio tanto por parte de implementac?o quanto operac?o (considerar
> m?o de obra ) sobre o seguinte cen?rio.
> 
> Roteamento com BGP qual o real custo quanto as seguintes soluc?es.
> 
> Implementac?o em FreeBSD/OpenBSD.
> Implementac?o em GNU/Linux Slackware.
> Implementac?o em IOS ou JunOS.
> 
> Enfileiramente de pacotes:
> 
> Implementac?o em FreeBSD/OpenBSD.
> Implementac?o em GNU/Linux.
> Implementac?o em IOS ou JunOS.

Qual banda de rede?  Quantos PPS?  Quantas interfaces gigabit-ethernet? 
  Esses items v?o definir a dificuldade em se usar servidores ao inv?s 
de uma caixa especializada.

-- 
Henrique de Moraes Holschuh <hmh at ima.sp.gov.br>
IM@ - Inform?tica de Munic?pios Associados
Engenharia de Telecomunica??es
TEL +55-19-3755-6555/CEL +55-19-9293-9464

Antes de imprimir, lembre-se de seu compromisso com o Meio Ambiente
e do custo que voc? pode evitar.

From gter at registro.br  Mon Mar 29 12:07:31 2010
From: gter at registro.br (Secretaria GTER29)
Date: Mon, 29 Mar 2010 12:07:31 -0300
Subject: [GTER] Ultima Chamada de Trabalhos GTER 29 - Encerra Hoje
Message-ID: <20100329150731.GB29442@registro.br>

GTER - Grupo de Trabalho de Engenharia e Opera??o de Redes - 29? Reuni?o
GTS - Grupo de Trabalho em Seguran?a de Redes - 15? Reuni?o
S?o Paulo - 14 e 15 de maio de 2010
http://gter.nic.br/
http://gts.nic.br/


                     ** Chamada de Trabalhos **


O Grupo de Trabalho de Engenharia e Opera??o de Redes, em sua 29?
Reuni?o a ser realizada nos dias 14 e 15 de maio de 2010 em S?o Paulo,
convida a comunidade de operadores de servi?os internet no Brasil para
o envio de apresenta??es sobre Engenharia e Opera??o de Redes
Internet.

O material deve tratar principalmente de aspectos pr?ticos e
operacionais da atualidade dos servi?os Internet no pa?s.

Segue uma lista, ordenada alfabeticamente e n?o exaustiva, de
sugest?es para t?picos:

DoS / DDoS
Engenharia de Tr?fego / Roteamento
Escalabilidade
IP Switching / Filtering
IPv6
Internet eXchange
Network Aplications (DNS, SMTP, HTTP, VoIP etc.)
Network Management
Proxies
?ltima Milha (Wi-Fi, WiMAX, xDSL, FTTH, HFC, xPON etc.)
VPNs
Wireless

Seguindo o modelo dos eventos anteriores, a reuni?o do GTS - Grupo de
Trabalho de Seguran?a, estar? ocorrendo conjuntamente, mas desta vez
ser? realizada no primeiro dia do evento para que o programa de
seguran?a se integre melhor com a ocorr?ncia pr?via do CeCOS IV
http://www.antiphishing.org/events/2010_opSummit.html. A chamada
espec?fica de trabalhos para a reuni?o do GTS pode ser consultada em
http://gts.nic.br/

A infra-estrutura do evento ? patrocinada pelo Comit? Gestor da
Internet no Brasil, mas h? oportunidades de patroc?nio de camisetas,
coffee-breaks e eventos sociais; detalhes de patroc?nio podem ser
encontrados em http://gter.nic.br/reunioes/como-patrocinar

Forma / Formato de Envio
------------------------
Os resumos de apresenta??es dever?o ser enviados para gter at
registro.br em formato texto no corpo do email e dever?o conter
obrigatoriamente:

 - T?tulo do Trabalho
 - Nome do(s) Apresentador(es)
 - Resumo
 - Tempo estimado

As apresenta??es devem ter dura??o m?xima de 60 minutos incluindo
tempo para perguntas e respostas.

Este material e adi??es caso sejam solicitadas, ser? utilizado como
base para aceita??o das apresenta??es pelo Comit? do Programa. As
apresenta??es finais dever?o ser enviadas em formato A4 Postscript ou
PDF.


Datas Importantes
-----------------
Limite para envio dos resumos   29/03/2010
Notifica??es dos Autores        09/04/2010
Pr?-agenda                      12/04/2010
Abertura das Inscri??es         12/04/2010


Local
-----
Blue Tree Towers Morumbi
S?o Paulo - SP


Apoio
-----
Comit? Gestor da Internet no Brasil


Organiza??o
-----------
NIC.br

-- 
 Secretaria GTER 29? Reuni?o                           <gter at registro.br>
 S?o Paulo - 14 e 15 de maio de 2010                  http://gter.nic.br/

From giulianocm at uol.com.br  Mon Mar 29 12:34:37 2010
From: giulianocm at uol.com.br (GIULIANOCM (UOL))
Date: Mon, 29 Mar 2010 12:34:37 -0300
Subject: [GTER]
 =?iso-8859-1?q?Sugest=E3o_quanto_a_garantia_de_servicos=2C?=
 =?iso-8859-1?q?_comparando_Linux_X_BSDs_X_Soluc=F5es_dedicadas_=28_CISCO?=
 =?iso-8859-1?q?=2C_JUNNIPER_=29?=
In-Reply-To: <4BB09D2B.5040903@ima.sp.gov.br>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
	<4BB09D2B.5040903@ima.sp.gov.br>
Message-ID: <4BB0C88D.9020708@uol.com.br>

>> Implementac?o em IOS ou JunOS.

Falando especificamente de solucoes fechadas, baseadas em IOS ou JUNOS.

Algumas consideracoes que sempre temos encontrado:

- Tentar comprar uma solucao escalavel e modular (Ex. JUNIPER 
M-Series/MX-Series ou CISCO ASR)

- Se for aplicar a solucao em provedor ISP ou se for rodar BGP, 
verificar a capacidade de rotas suportadas na RIB e na FIB para nao ter 
surpresas. As caixas suportam FULL Routing ?  Se sim ... quantos 
peerings full routing a caixa suporta ?

- Quais os tipos de interface que voce vai precisar ?  E so ethernet ? 
Ou vai precisar de interfaces ATM ou SDH ? E1 ? E3 ?

- Qual o volume de trafego real que ira passar pela caixa ?  Qual o 
volume em pacotes por segundo ?  Importante considerar o volume de 
trafego IMIX e volume de trafego com pacotes menores de 64 bytes. A 
maioria dos fabricantes te da essa informacao. Se nao der, pergunte. 
Pois sao informacoes importantes.

- Em equipamentos modulares ... considerar o numero de interfaces que 
voce tem. No caso de um M7i a caixa, considerando a modularidade ... 
suporta no maximo 5 Gbps de trafego full duplex. Se voce somente tiver 1 
unica interface (PIC) gigabit nessa caixa ... ela nunca alancan?ar? 5 Gbps.

- Para altos volumes, tentar comprar equipamentos com processamento de 
pacotes em hardware e que tenham a separacao dos planos de controle e 
encaminhamento bem definidas em hardware. (Ambas CISCO e JUNIPER possuem 
solucoes desse tipo).

- Prestar atencao em interfaces que nao sao WIRE RATE ... que em geral 
fazem oversubscription ... 2:1, 4:1 , etc.  Pois voce pode ter 
surpresas. Em caixas modulares, em geral, cada slot suporta um volume 
maximo de trafego, devido a formatacao da matriz de comutacao principal.

- Comprar treinamento tecnico para aprender a lidar com o sistema. Em 
geral, a mudanca de IOS pra JUNOS (ou vice versa) deve ser relativamente 
simples, porem, e importante conhecer em detalhes os caminhos de 
configuracao proprietarios de cada arquitetura ou de cada equipamento.

- Nunca esquecer de comprar um pacote de reposicao original do 
fabricante (CON-OS, CON-SNT ou SVC). Em geral equipamentos semi-novos 
nao possuem tal facilidade, pois o fabricante em geral faz o mapeamento 
dos numeros seriais que entram registrados (e legalmente) no pais.

	- Ter acesso aos updates e upgrades de software
	- Ter um pacote de reposicao de hardware em caso de falha (NBD8x5 ou 
SD24x7)
	- Ter acesso ao portal de suporte do fabricante para poder tirar 
duvidas de configuracao
	- Ter acesso direto ao portal de suporte do fabricante para poder 
relatar bugs ou falhas e pedir suporte ou RMA


- Comprar o sistema operacional que ja lhe atenda de imediato, pra nao 
ter surpresas no futuro com a questao do preco de licencas para rodar 
funcionalidades que necessitem ser ativadas como: BGP, ISIS, IPv6, 
Multicast, MPLS, NETFLOW, IPSEC VPN,etc


- Integradores e fabricantes poderao lhe dar suporte de varios niveis. A 
negociacao comercial e importante.

- Nunca deixar de comprar o pacote de suporte direto do fabricante e 
sempre lembrar de pegar um documento que comprove que voce tem esse 
suporte pelo fabricante (com data de inicio e de fim). Ja presenciamos 
muitos "rolos" com relacao a isso. Ao registrar o equipamento no site do 
fabricante voce tera acesso ao numero serial do seu equipamento, os 
itens de hardware do mesmo e os contratos de servico com datas de inicio 
e fim dos mesmos.

From eksffa at freebsdbrasil.com.br  Mon Mar 29 13:14:40 2010
From: eksffa at freebsdbrasil.com.br (Patrick Tracanelli)
Date: Mon, 29 Mar 2010 13:14:40 -0300
Subject: [GTER]
 =?iso-8859-1?q?Sugest=E3o_quanto_a_garantia_de_servicos=2C?=
 =?iso-8859-1?q?_comparando_Linux_X_BSDs_X_Soluc=F5es_dedicadas_=28_CISCO?=
 =?iso-8859-1?q?=2C_JUNNIPER_=29?=
In-Reply-To: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
Message-ID: <4BB0D1F0.8090408@freebsdbrasil.com.br>

Paulo, bom dia.

Paulo Henrique escreveu:
> Devido a demanda, gostaria de saber a opni?o dos senhores quanto a
> custo/beneficio tanto por parte de implementac?o quanto operac?o (considerar
> m?o de obra ) sobre o seguinte cen?rio.
> 
> Roteamento com BGP qual o real custo quanto as seguintes soluc?es.

Acho que voc? quer uma forma de calcular o TCO das solu??es
apresentadas. Infelizmente voc? n?o dimensionou a demanda que esses
equipamentos devem atender, em pkt/s e bit/s. N?o dimensionou tamb?m a
expectativa de sess?es simult?neas, peers BGP, etc. Dessa forma fica
dificil partir pra opini?o sobre quando voc? encontrar? limites nas
solu??es mencionadas.

A primeira coisa ? calcular o custo total de aquisi??o. Pra isso
dimensione sua demanda e pras solu??es baseadas em commoditie hardware,
fa?a seus or?amentos, lembrando que talvez voc? queira optar por
Disk-On-Module, mem?ria flash ou outras tecnologias ao inv?s de discos
convencionais pros servidores, e lembrando que as placas de rede dos
servidores devem ser adequadas. O que pode te levar ? Intel Pro Gigabit
Server (n?o as Desktops) que v?o dar um UP nos seus custos.

Tenha esse valor de aquisi??o or?ado.

Levante nas op??es comerciais qual modelo de equipamento vai te atender
e fa?a o or?amento. Tente prestar aten??o nos limites da licen?a de uso,
procurando perguntar se tem upgrade que te extenda em funcionalidades ou
capacidade.

Avalie o impacto na sua organiza??o em rela??o ? capacita??o do seu
corpo t?cnico. Voc?s tem profissionais capacitados em BSD, em Linux, em
Cisco ou em Juniper? Vou assumir que n?o tenha em nenhum pra ficar
f?cil. Nesse caso avalie o custo de capacita??o (treinamento) nessas
plataformas. Lembrando que a capacita??o pode n?o ser poss?vel em um
?nico curso. Dependendo do fornecedor voc? precisar? de "v?rios m?dulos"
de treinamento para, se seu corpo t?cnico tiver bom aproveitamento,
poder assumir com seguran?a a gest?o da plataforma.

Enquanto seu corpo t?cnico n?o tem seguran?a avalie o custo de um
contrato de suporte com garantias jur?dicas. Enfim, SLAs que voc? possa
cobrar e m?tricas que seu suporte terceirizado deve cumprir.

Some tudo e eis seu TCO para cada solu??o.

C1 = Custo Aquisi??o de Equipamento
C2 = Custo de Licen?a de Uso (nulo pras solu??es BSD e Linux,
provavelmente incluso no C1 dependendo do modelo de equipamento
comercial, mas aten??o, os comerciais quase sempre dependem de "licen?a
extra" para ativar alguma "feature especial").
C3 = Custo de Capacita??o dos seus Recursos Humanos
C4 = Numero de Pessoas que Precisar?o ser capacitadas para cuidar dos
seus equipamentos (dependendo do n?vel de cobertura do C5, esse numero
de pessoas pode come?ar menor e se tornar maior depois)
C5 = Custo de Contrato de Suporte por tempo DETERMINADO at? sua equipe
estar segura para coduzir a gest?o do ambiente. Eis seu TCO.

TCO = C1 + C2 + (C3 * C4) + C5

Avalei o mesmo c?culo para as 4 op??es (BSD, Linux, Cisco, Juniper),
avalie de fato todos os itens, mesmo que voc? tenha gente capacitada em
BSD, em Juniper, etc. Pois assumindo q voc? n?o tem vai te dar uma boa
base do custo geral.

Depois avalie o que voc? ja tem, se vai poder diminuir os custos pra uma
dada solu??o. Por exemplo, se voc? ja tem profissionais que tem um bom
conhecimento em Cisco pode ter um custo menor na capacita??o deles em
rela??o a Juniper. Se ja tem equipe que trabalha com Linux pode ter
custo menor do q pra capacitar em BSD. Mas primeiro avalie se voc?
realmente precisasse investir em tudo. Depois avalie seu caso em espec?fico.

Por ?ltimo, voc? precisa de garantias. Procure garantias que sua solu??o
vai funcionar e dar? conta da sua demanda. Essa garantia pode ser
expl?cita, por exemplo, no contrato que voc? esabelecer com terceiros.

Ou pode ser na sua busca por refer?ncias (ou seja ser? que o BSD vai dar
conta? Quem roda em BSD ambiente similar? Procure saber... ser? que o
Linux vai dar conta? quem roda em Linux demanda similar? Sera que o
produto XYZ na vers?o ABC vai dar conta)? procure saber... procure
garantias).

Enfim, n?o vejo outra linha de raciocionio pra seguir pra buscar a sua
resposta.

Obviamente eu tenho minhas opini?es pessoais, intr?nsecas ao meu
dia-a-dia, mas voc? deve buscar suas conclus?es respaldadas em dados, em
fatos, e em soma de valor $$$ que no final das contas tudo que seu
gerente ou quem quer q v? liberar seu budget quer saber ? "qual ? op??o
que NOS ATENDE e CUSTA MENOS?"









-- 
Patrick Tracanelli

FreeBSD Brasil LTDA.
Tel.: (31) 3516-0800
316601 at sip.freebsdbrasil.com.br
http://www.freebsdbrasil.com.br
"Long live Hanin Elias, Kim Deal!"


From eschoedler at viavale.com.br  Mon Mar 29 13:34:26 2010
From: eschoedler at viavale.com.br (Eduardo Schoedler)
Date: Mon, 29 Mar 2010 13:34:26 -0300
Subject: [GTER] =?iso-8859-1?q?RES=3A__Sugest=E3o_quanto_a_garantia_de_ser?=
	=?iso-8859-1?q?vicos=2C_comparando_Linux_X_BSDs_X_Soluc=F5es_dedic?=
	=?iso-8859-1?q?adas_=28_CISCO=2C_JUNNIPER_=29?=
In-Reply-To: <4BB09D2B.5040903@ima.sp.gov.br>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
	<4BB09D2B.5040903@ima.sp.gov.br>
Message-ID: <00fb01cacf5d$b2c7d7f0$185787d0$@com.br>

Henrique de Moraes Holschuh escreveu:
> Qual banda de rede? Quantos PPS? Quantas interfaces gigabit-ethernet?

Qual o hardware das interfaces gigabit-ethernet?
Se voc? utilizar, por exemplo, Broadcom, ter? grandes diferen?as no
throughput em rela??o a Intel.
O tipo de conex?o (slot) tamb?m conta.

--
Eduardo Schoedler


From henrique.holschuh at ima.sp.gov.br  Mon Mar 29 14:39:04 2010
From: henrique.holschuh at ima.sp.gov.br (Henrique de Moraes Holschuh)
Date: Mon, 29 Mar 2010 14:39:04 -0300
Subject: [GTER]
 =?iso-8859-1?q?RES=3A__Sugest=E3o_quanto_a_garantia_de_ser?=
 =?iso-8859-1?q?vicos=2C_comparando_Linux_X_BSDs_X_Soluc=F5es_dedicadas_?=
 =?iso-8859-1?q?=28_CISCO=2C_JUNNIPER_=29?=
In-Reply-To: <00fb01cacf5d$b2c7d7f0$185787d0$@com.br>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
	<4BB09D2B.5040903@ima.sp.gov.br>
	<00fb01cacf5d$b2c7d7f0$185787d0$@com.br>
Message-ID: <4BB0E5B8.7050904@ima.sp.gov.br>

Eduardo Schoedler wrote:
> Henrique de Moraes Holschuh escreveu:
>> Qual banda de rede? Quantos PPS? Quantas interfaces gigabit-ethernet?
> 
> Qual o hardware das interfaces gigabit-ethernet?

O hardware *inteiro* do servidor, inclusive que placas m?e e chipset s?o 
aceit?veis, voc? deve definir depois de saber os PPS e quantas 
interfaces vai precisar.

-- 
Henrique de Moraes Holschuh <hmh at ima.sp.gov.br>
IM@ - Inform?tica de Munic?pios Associados
Engenharia de Telecomunica??es
TEL +55-19-3755-6555/CEL +55-19-9293-9464

Antes de imprimir, lembre-se de seu compromisso com o Meio Ambiente
e do custo que voc? pode evitar.

From adriano at acmesecurity.org  Mon Mar 29 17:04:41 2010
From: adriano at acmesecurity.org (Adriano Cansian)
Date: Mon, 29 Mar 2010 17:04:41 -0300
Subject: [GTER] Ultima Chamada GTS-15 - Sao Paulo - Deadline HOJE - 29/3/2010
Message-ID: <F9604685-5FEE-4F1C-B572-AF9AA7720AFA@acmesecurity.org>

--> ?LTIMA CHAMADA GTS-15 - Sao Paulo

--> Deadline HOJE - 29/3/2010


GTER - Grupo de Trabalho de Engenharia e Opera??o de Redes - 29? Reuni?o
GTS - Grupo de Trabalho em Seguran?a de Redes - 15? Reuni?o
S?o Paulo - 14 e 15 de maio de 2010
http://gter.nic.br/
http://gts.nic.br/

% Chamada de Trabalhos

O GTS - Grupo de Trabalho em Seguran?a de Redes, est? organizando sua  
15a. Reuni?o em conjunto com a 29a. Reuni?o do Grupo de Trabalho de  
Engenharia e Opera??o de Redes (GTER), nos dias 14 e 15 de MAIO de  
2010, em S?O PAULO, SP.

A reuni?o do GTS  estar? ocorrendo conjuntamente com o GTER, mas desta  
vez ser? realizada no primeiro dia do evento, para que o programa de  
seguran?a se integre melhor com a ocorr?ncia pr?via do IV CeCOS -  
Counter-eCrime Operations Summit  http://www.antiphishing.org/events/2010_opSummit.html

% Agenda:

11 a 13.05.2010: IV CeCOS (Counter-eCrime Operations Summit)
14.05.2010: GTS-15
15.05.2010: GTER-29

% PATROCINADORES:

A infra-estrutura do evento ? patrocinada pelo Comit? Gestor da  
Internet no Brasil, mas h? oportunidades de patroc?nio de camisetas,  
coffee-breaks e eventos sociais. Detalhes de patroc?nio podem ser  
encontrados em http://gter.nic.br/reunioes/como-patrocinar

% Chamada

Assim, convidamos a comunidade de profissionais de Internet no Brasil  
para o envio de propostas de apresenta??es.

O material deve tratar principalmente de aspectos pr?ticos e
operacionais da atualidade da seguran?a da Internet no pa?s. O comit? de
programa do GTS busca identificar apresenta??es que procurem
compartilhar aplica??es pr?ticas e experi?ncias de sucesso (ou fracasso)
na ?rea, envolvendo novas tecnologias de seguran?a e estudos de casos.

Segue uma lista n?o exaustiva, de sugest?es para t?picos:

* . An?lise de artefatos;
* . An?lise de risco;
* . Assinaturas digitais;
* . Combate a fraudes por computador;
* . Combate a DoS / DDoS;
* . Continuidade de neg?cios e opera??es;
* . Detec??o e prote??o de intrus?o;
* . Filtros, proxies e firewalls;
* . Per?cia e an?lise forense;
* . Pol?ticas de seguran?a;
* . Preven??o e combate ao spam;
* . Programa??o segura;
* . Recupera??o de desastres;
* . Seguran?a wireless;
* . Seguran?a de infra-estrutura;
* . Seguran?a de sistemas e redes;
* . Seguran?a de opera??o de DNS;
* . Tratamento de incidentes;
* . Outros temas de interesse da comunidade de seguran?a.


Ressalta-se que que as apresenta??es sejam aplicadas e *n?o* devem ser  
voltadas a produtos e solu??es de fornecedores espec?ficos, com fins  
comerciais, nem trabalhos que sejam com ?nfase puramente acad?mica. As  
reuni?es do GTS e do GTER buscam a pluralidade de solu??es, com ?nfase  
em "expertise", e n?o em produtos propriet?rios espec?ficos,  
excetuando-se aqueles de c?digo aberto.

A chamada espec?fica de trabalhos para a reuni?o do GTER pode ser  
consultada em http://gter.nic.br

%  Formato de Envio:

Para a reuni?o do GTS-15 as propostas dever?o ser apresentadas de  
acordo com as instru??es  dispon?veis no endere?o: http://gts.nic.br/reunioes/proposta

As apresenta??es devem ter dura??o m?xima de 50 minutos incluindo tempo
para perguntas e respostas.

Datas Importantes
-----------------
Limite para envio depropostas:  	 29/03/2010
Notifica??es dos Autores:			09/04/2010
Pr?-agenda:						12/04/2010
Abertura das Inscri??es:	         	12/04/2010

Local
-----
Blue Tree Towers Morumbi - S?o Paulo - SP

Apoio
-----
Comit? Gestor da Internet no Brasil

Organiza??o
-----------
NIC.br



From moreiras at nic.br  Mon Mar 29 18:53:21 2010
From: moreiras at nic.br (Antonio M. Moreiras)
Date: Mon, 29 Mar 2010 18:53:21 -0300
Subject: [GTER] tutorial NTP - 07/04/2010 no NIC.br
Message-ID: <4BB12151.6000205@nic.br>

O CEPTRO - Centro de Estudos e Projetos em Tecnologias de Redes e
Opera??es do NIC.br promover?, dia 07 de Abril, quarta feira da pr?xima
semana, um tutorial sobre o NTP - Network Time Protocol.

Dentre os temas tratados estar? o papel do Observat?rio Nacional na
gera??o da Horal Legal Brasileira e do UTC, a import?ncia do NTP para a
Internet, seu funcionamento, bem como detalhes sobre a opera??o dos
servidores de tempo do NTP.br e exemplos pr?ticos de como utiliz?-los.

Informa??es e inscri??es em: http://ceptro.br/tutorialntp.

Informa??es sobre o protocolo NTP e o NTP.br: http://ntp.br.

--
Moreiras.

From gustavo at nexthop.com.br  Mon Mar 29 23:58:07 2010
From: gustavo at nexthop.com.br (Gustavo Rodrigues Ramos)
Date: Mon, 29 Mar 2010 19:58:07 -0700
Subject: [GTER]
	=?iso-8859-1?q?RES=3A_Sugest=E3o_quanto_a_garantia_de_serv?=
	=?iso-8859-1?q?icos=2C_comparando_Linux_X_BSDs_X_Soluc=F5es_dedica?=
	=?iso-8859-1?q?das_=28_CISCO=2C_JUNNIPER_=29?=
In-Reply-To: <00fb01cacf5d$b2c7d7f0$185787d0$@com.br>
References: <52e8c9851003270914y78c28a87u7849aff179034ad2@mail.gmail.com>
	<4BB09D2B.5040903@ima.sp.gov.br>
	<00fb01cacf5d$b2c7d7f0$185787d0$@com.br>
Message-ID: <73d1f88a1003291958j12051efei3b5c863eb377a184@mail.gmail.com>

Ol?,

2010/3/29 Eduardo Schoedler <eschoedler at viavale.com.br>:
> Henrique de Moraes Holschuh escreveu:
>> Qual banda de rede? Quantos PPS? Quantas interfaces gigabit-ethernet?
>
> Qual o hardware das interfaces gigabit-ethernet?
> Se voc? utilizar, por exemplo, Broadcom, ter? grandes diferen?as no
> throughput em rela??o a Intel.
> O tipo de conex?o (slot) tamb?m conta.

E como conta (muito mais que mem?ria, por exemplo). Mais explica??es
aqui: https://calomel.org/network_performance.html

Gustavo.

From Patric.Silva at t-systems.com.br  Wed Mar 31 17:39:21 2010
From: Patric.Silva at t-systems.com.br (Patric Ferreira da Silva)
Date: Wed, 31 Mar 2010 17:39:21 -0300
Subject: [GTER] =?iso-8859-1?q?An=FAncio_de_IP_de_outro_AS?=
In-Reply-To: <4BAF17DB.7050900@nic.br>
References: <4BAF17DB.7050900@nic.br>
Message-ID: <F45EEA01379F744092C9B7FDBCF4DA82051314B5@STS125WKE.services.tsb>

Pessoal,

	Um cliente que possui alocado pelo RIPE um range IPv4/16, est? querendo me disponibilizar um /21 para que eu o anuncie a partir do meu AS.

	Este /21 n?o est? sendo divulgado na Internet ainda. 

	Existe algum problema em se fazer isso? Existe alguma RFC ou documenta??o oficial sobre este procedimento?

	Verifiquei que este cliente tem v?rios /21 anunciados em outros AS's.

Grato pela aten??o
Patric


From rubensk at gmail.com  Wed Mar 31 20:23:54 2010
From: rubensk at gmail.com (Rubens Kuhl)
Date: Wed, 31 Mar 2010 20:23:54 -0300
Subject: [GTER] =?iso-8859-1?q?An=FAncio_de_IP_de_outro_AS?=
In-Reply-To: <F45EEA01379F744092C9B7FDBCF4DA82051314B5@STS125WKE.services.tsb>
References: <4BAF17DB.7050900@nic.br>
	<F45EEA01379F744092C9B7FDBCF4DA82051314B5@STS125WKE.services.tsb>
Message-ID: <m2l6bb5f5b11003311623n795d9d8ja2611cf93ab328a6@mail.gmail.com>

Com alguma combina??o de manipula??o de configura??es ou instala??o de
roteador BGP virtual sem passagem de tr?fego ? em geral poss?vel usar
o AS do pr?prio cliente para gerar esse an?ncio, n?o gerando esse tipo
de inconsist?ncia.

Eu n?o lembro de RFCs especificamente sobre isso (a RFC 1930 s? prev?
essa condi??o para an?ncios que tenham sofrido agrega??o), mas se esse
cliente pretende fazer Anycast, a RFC 4786 especifica que o mesmo AS
deve originar os an?ncios que possam chegar a um ou outro n? anycast.


Rubens


2010/3/31 Patric Ferreira da Silva <Patric.Silva at t-systems.com.br>:
> Pessoal,
>
> ? ? ? ?Um cliente que possui alocado pelo RIPE um range IPv4/16, est? querendo me disponibilizar um /21 para que eu o anuncie a partir do meu AS.
>
> ? ? ? ?Este /21 n?o est? sendo divulgado na Internet ainda.
>
> ? ? ? ?Existe algum problema em se fazer isso? Existe alguma RFC ou documenta??o oficial sobre este procedimento?
>
> ? ? ? ?Verifiquei que este cliente tem v?rios /21 anunciados em outros AS's.
>
> Grato pela aten??o
> Patric
>
> --
> gter list ? ?https://eng.registro.br/mailman/listinfo/gter
>

From renato at frederick.eti.br  Wed Mar 31 21:20:25 2010
From: renato at frederick.eti.br (Renato Frederick)
Date: Wed, 31 Mar 2010 21:20:25 -0300
Subject: [GTER] =?iso-8859-1?q?An=FAncio_de_IP_de_outro_AS?=
In-Reply-To: <F45EEA01379F744092C9B7FDBCF4DA82051314B5@STS125WKE.services.tsb>
References: <4BAF17DB.7050900@nic.br>
	<F45EEA01379F744092C9B7FDBCF4DA82051314B5@STS125WKE.services.tsb>
Message-ID: <63F4D67E5A014C6EAFB2A8ECE304A847@Medina>

Ol?.
Tecnicamente n?o tem problema, s? n?o sei se ? "regulamentado" ou contra 
alguma "best practice" faz?-lo.

Mas vai funcionar.

Ali?s o que este cliente est? fazendo ? parecido com a proposta[1] enviada ? 
LACNIC

[1] http://lacnic.net/documentos/politicas/LAC-2009-04v2-propuesta-pt.pdf


--------------------------------------------------
From: "Patric Ferreira da Silva" <Patric.Silva at t-systems.com.br>
Sent: Wednesday, March 31, 2010 5:39 PM
To: "Grupo de Trabalho de Engenharia e Operacao de Redes" 
<gter at eng.registro.br>
Subject: [GTER] An?ncio de IP de outro AS

> Pessoal,
>
> Um cliente que possui alocado pelo RIPE um range IPv4/16, est? querendo me 
> disponibilizar um /21 para que eu o anuncie a partir do meu AS.
>
> Este /21 n?o est? sendo divulgado na Internet ainda.
>
> Existe algum problema em se fazer isso? Existe alguma RFC ou documenta??o 
> oficial sobre este procedimento?
>
> Verifiquei que este cliente tem v?rios /21 anunciados em outros AS's.
>
> Grato pela aten??o
> Patric
>
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter
>