On Mon, 26 Feb 2001, Robert Padjen wrote:
> Slightly OT.
>
> Cisco is announcing a number of security holes in
> certain versions of the IOS, likely tomorrow. A number
> of them are starting to get exposure in the security
> press already, and ISPs have been briefed and should
> have patches and other temporary fixes in place
> already. Enterprise customers (some larger ones) were
> briefed today and have already taken steps to thwart
> attacks.
>
> The two biggest threats in my mind are:
>
> - A default SNMP RW string of ILMI.
> - A guessable TCP sequence number process - this could
> be used to hack BGP and other router processes.
>
> There are a number of others. Most of us will be same
> because the attacks need access - for example, you
> deny SNMP from the untrusted networks, right? Thus,
> ILMI is just another guess at the password/string. BGP
> should only accept packets from the neighbor, so
> again, a non-issue hopefully.
Not really a non-issue. BGP is pretty much a sitting duck ready target
for hackers to wake up to. The global internet depends on it. Yet major
potential exists for an outsider to screw with all of BGP in a big way.
You don't have to be a neighbor..............at least not a real one.
brian
>
> The biggest reason for posting this here is for those
> studying security - the next few days should be very
> interesting to watch.
>
> =====
> Robert Padjen
>
> __________________________________________________
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail.
> http://personal.mail.yahoo.com/
>
> _________________________________
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
-----------------------------------------------
I'm buying / selling used CISCO gear!!
email me for a quote
Brian Feeny,CCDP,CCNP+VAS Scarlett Parria
[EMAIL PROTECTED] [EMAIL PROTECTED]
318-222-2638 x 109 318-222-2638 x 101
Netjam, LLC http://www.netjam.net
1401 Oden St.
Suite 18
Shreveport, LA 71104
Fax 318-221-6612
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
