What to do before an IOS disaster strikes

    Date02 Aug 2005
    7017
    Posted ByBrittany Day
    Last week, former Internet Security Systems researcher Michael Lynn presented at the Black Hat USA 2005 conference a reliable process that could be used to exploit Cisco routers running the Internetworking Operating System (IOS.) Even though the exact exploit demonstrated during his presentation was not disclosed, Lynn showed enough details to prove that the exploit is real and that previous misconceptions that routers and switches are not exploitable are false.

    Within days, there were more than a half dozen sites mirroring a copy of Lynn's presentation detailing the IOS exploit process (see Cisco vulnerability posted to Internet). In addition, all major networking mailing lists, such as NANOG, and many blog sites, such as Schneier on Security by security expert Bruce Schneier, were hot with discussions over such topics as responsible and ethical disclosures, possibly exploits and dooms day speculations. A legal defense fund for Lynn has also been created to assist him with the legal battles.

    It's important to recognize that amid all the noise and arguments over the recent events, the specific vulnerability discussed in the presentation was not new. The flaw was patched by Cisco in April. All vulnerable versions of the IOS have been removed from the Cisco's Web site. Cisco also allows upgrades even for non-contract customers as long as the call comes through their technical assistance center.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"5","type":"x","order":"1","pct":83.33,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.