From: Bogdan Sass (bogdan.sass@catc.ro)
Date: Sat Jan 24 2009 - 21:49:39 ARST
From what I understand from the presentation PDF, this attack falls
into the category of "interesting, scary, but not much we can do about
it" :)
I'm no assembler guru (and especially not when it comes to PowerPC
code), so I don't know exactly what the code presented there can do.
However, the article suggests that the only things we can do to prevent
this type of attacks are:
1) Filter traffic coming to your router (destined for one of its
addresses)
2) Update the IOS as often as possible.
3) Hope that Cisco fixes as many of the IOS vulnerabilities as soon
as possible :P
The first part is easy (most of the time, at least). The third part
is not up to us.
As for the second one... well... that one might be a little more
difficult. For various reasons, ranging from "the need of downtime for
the upgrade" to "bugs in very new IOS versions". :)
>
>
>> Hi Group,
>>
>> Do you have any comment on below subject, please your guidance.
>>
>>
>>
>>
> http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=21
> 2
>
>> 700896
>>
-- Bogdan Sass CCAI,CCSP,JNCIA-ER,CCIE #22221 (RS) Information Systems Security Professional "Curiosity was framed - ignorance killed the cat"Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:40 ARST