Is this the fault of the iPhone - With poll!

[nweaver]

Originally posted by: AmigaMan
I just find it amusing the bias of the users in the Network forum compared to the identical poll in the Apple forum. At least we thought it could be a Duke IT problem and not just the iphone. Although I find it odd that both forums still didn't blame Cisco.

Cisco issuing a patch does NOT mean it was their fault, it just shows Cisco's commitment to customers.

WTF?!?! Do you work for their marketing department? Now if an apple user had said that, everyone would be all over them. Ironic ain't it? :/

No, I work in the real world, where the solution isn't always provided by the problem vendor. Cisco is one if the best in the industry, that is why they can command the prices they do. They have issued patches to customers to fix issues with 3rd party devices before, and will do it again. Cisco isn't concerned about what the average Joe thinks, they care about their customers networks working, and being reliable.

 

[JackMDS]

Originally posted by: RebateMonger
Here's a link discusing the conclusion: Duke says the problem is with Cisco. Cisco has issued a "fix".

I am still Not convince.

If there is a standard and the iPhone adhere to standard and Cisco not then it is Cisco fault.

However every time someone comes with a new device there might be old hardware that is

Not compatible wit the New device.

It is more functional to patch the Cisco hardware than to recalling all the iPhones and make them compatible with every piece of hardware that is out there.

It would not be a big surprise to me if someone would find out that Apple has a arrangement with Cisco to absorb part of the cost.

So it might be that it is not a question of Fault but a simple functional issue that the Media, and the like need to blow up because that the way they churn up their business.

In contrast when this type of thing happens to the End_Users we pay for it.

 

[nightowl]

For those of you interested on what was going on.

http://www.cisco.com/warp/publ...-sa-20070724-arp.shtml

 

[spidey07]

Originally posted by: nightowl
For those of you interested on what was going on.

http://www.cisco.com/warp/publ...-sa-20070724-arp.shtml

eeewwwww!

That is one seriously nasty bug.

 

[RebateMonger]

Originally posted by: spidey07
That is one seriously nasty bug.

spidey07,

Can you speculate on why the iPhone exposed this problem and not other WiFi devices?

Thanks,
RebateMonger

 

[heyheybooboo]

Without a doubt . . .

Cisco engineers went to Chapel Hill or Dean Smith was behind it all

 

[spidey07]

Originally posted by: RebateMonger

Originally posted by: spidey07
That is one seriously nasty bug.

spidey07,

Can you speculate on why the iPhone exposed this problem and not other WiFi devices?

Thanks,
RebateMonger

They used the RFC mentioned.

Notice one of the authors was from apple. This is normally what happens when you have programmers writing RFCs.

Also, read the RFC. It's kind of kludgy. I understand what they were going for, but I don't like the method.

Also notice for Cisco bashers - they offer ANY customer a free upgrade if it is a security or vulnerability problem regardless if you have a support contract or not. This is a vulnerability (the bulliten basically outlines how to cause it) and why it wasn't publically acknowledged until a fix/workaround was in place.

 

[spyordie007]

Originally posted by: spidey07

Originally posted by: RebateMonger

Originally posted by: spidey07
That is one seriously nasty bug.

spidey07,

Can you speculate on why the iPhone exposed this problem and not other WiFi devices?

Thanks,
RebateMonger

They used the RFC mentioned.

Notice one of the authors was from apple. This is normally what happens when you have programmers writing RFCs.

Also, read the RFC. It's kind of kludgy. I understand what they were going for, but I don't like the method.

Also notice for Cisco bashers - they offer ANY customer a free upgrade if it is a security or vulnerability problem regardless if you have a support contract or not. This is a vulnerability (the bulliten basically outlines how to cause it) and why it wasn't publically acknowledged until a fix/workaround was in place.

Also this only effects the latest build of WLC software (4.1) which was only released a few months ago, and only if arp-unicast is enabled and clients are doing layer-3 roaming and you're configuration is set to allow clients with static IPs. As far as I'm aware NONE of my clients would be effected by this (and we've sold hundreds of these).

I wouldn't call it an obscure configuration, but definitely not a very common one since all of these factors have to occur.

If the iPhone didn't uncover it than something else probably would have in due time. It just wouldn't have been so widely publicized.

Erik

 

[RebateMonger]

n.m.

 

[nweaver]

wow, that's a nasty bug. Looks like it WAS a Cisco problem, but even more then Cisco, that's a bad RFC. Looks like the iPhone wasn't really sending all those arps, it limited to a couple of arps, and then they were just looped by the Cisco gear.

 

[nightowl]

Actually all versions of the controller code are vulnerable to this. It is in the PSIRT. Only the 4.1 code has been patched.

 

[spyordie007]

Originally posted by: nightowl
Actually all versions of the controller code are vulnerable to this. It is in the PSIRT. Only the 4.1 code has been patched.

As I read it the other versions are vulnerable to specifically crafted requests, but only 4.1 will have the above issues.

If the arpunicast feature has been enabled on the WLC, the WLC will re-forward broadcast ARP packets targeting the IP address of a known client context. This creates an ARP storm if more than one WLC is installed on the corresponding VLAN. This vulnerability is documented as CSCsj50374 ( registered customers only) and only affects version 4.1 of the WLC software (versions 4.0, 3.2, or previous versions are not affected).