Gadi, Please try to keep the self-promotion to a minimum, and come back when you have meaningful data to share with operators.
Examples would include a list of affected platforms and code revisions, as well as preventative measures. Thank you, Paul On Fri, May 16, 2008 at 9:06 PM, Gadi Evron <[EMAIL PROTECTED]> wrote: > At the upcoming EusecWest Sebastian Muniz will apparently unveil an IOS > rootkit. skip below for the news item itself. > > We've had discussions on this before, here and elsewhere. I've been > heavily attacked on the subject of considering router security as an issue > when compared to routing security. > > I have a lot to say about this, looking into this threat for a > few years now and having engaged different organizations within Cisco on > the subject in the past. Due to what I refer to as an "NDA of > honour" I will just relay the following until it is "officially" public, > then consider what should be made public, including: > > 1. Current defense startegies possible with Cisco gear > 2. Third party defense strategies (yes, they now exist) > 2. Cisco response (no names or exact quotes will likely be given) > 3. A bet on when such a rootkit would be public, and who won it > (participants are.. "relevant people"). > > From: > http://www.networkworld.com/news/2008/051408-hacker-writes-rootkit-for-ciscos.html > > "A security researcher has developed malicious rootkit software for > Cisco's routers, a development that has placed increasing scrutiny on the > routers that carry the majority of the Internet's traffic. > > Sebastian Muniz, a researcher with Core Security Technologies, developed > the software, which he will unveil on May 22 at the EuSecWest conference > in London. " > > Gadi Evron. > > _______________________________________________ > NANOG mailing list > NANOG@nanog.org > http://mailman.nanog.org/mailman/listinfo/nanog > _______________________________________________ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog