On Wed, May 21, 2008 at 5:05 PM, mutiny <[EMAIL PROTECTED]> wrote: > A rootkit for Cisco will not damage anything, Cisco has even shown interest > in the development. A rootkit for Cisco will cause Cisco to look into the > issue more closely, which in turn will make IOS *more secure.* >
I'm interested in you saying things will be more secure because of the presentation, but how long will it take for things to be more secure and how big an attack window will the bad guys have after the presentation (A day, a week, a month, a year?) for putting rootkits into Cisco routers before the problem gets fixed? I don't want there to be an attack window of any length... even a day is too long, the bad guys could do a lot in a day. I agree things will be more secure eventually, but whats going to happen between presentation day and some kind of solution for the problem actually being rolled out is the worrying part for me. Cyber armageddon? Do we just say, its your own fault your business went down because you weren't secure... or should the folks who let the presentation go ahead hold some responsiblity for the pwned routers will evitably be hacked. Let's just hope its networks that don't matter that get pwned, and not networks that carry anything important on them. The problem is, all networks are important to somebody... thanks EUSecWest for allowing an attack window of carnage... in the name of making IOS more secure or something. So guys, how long will the attack window be, the bad guys have to pwn routers before things are secure? I am worried about whats going to happen during the attack window of opportunity... This presentation is a bad idea on so many levels which out weigh the Cisco IOS will eventually end up more secure argument. Its the *eventually* part that the bad guys will take advantage of. So has anyone got a time frame in mind of how long the bad guys are going to have? Any estimations? Will Cisco be working to close the attack window time frame after the presentation to keep it to a minimal time frame and to limit damage and disruption caused to its customers? I'm scared, worried, paranoid... All the best, n3td3v _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/