Slightly OT.

Cisco is announcing a number of security holes in
certain versions of the IOS, likely tomorrow. A number
of them are starting to get exposure in the security
press already, and ISPs have been briefed and should
have patches and other temporary fixes in place
already. Enterprise customers (some larger ones) were
briefed today and have already taken steps to thwart
attacks.

The two biggest threats in my mind are:

- A default SNMP RW string of ILMI.
- A guessable TCP sequence number process - this could
be used to hack BGP and other router processes.

There are a number of others. Most of us will be safe
because the attacks need access - for example, you
deny SNMP from the untrusted networks, right? Thus,
ILMI is just another guess at the password/string. BGP
should only accept packets from the neighbor, so
again, a non-issue hopefully.

The biggest reason for posting this here is for those
studying security - the next few days should be very
interesting to watch.

=====
Robert Padjen
