[NANOG] IOS rootkits
ge at linuxbox.org
Fri May 16 20:19:20 CDT 2008
On Fri, 16 May 2008, Paul Wall wrote:
> Please try to keep the self-promotion to a minimum, and come back when
> you have meaningful data to share with operators.
> Examples would include a list of affected platforms and code
> revisions, as well as preventative measures.
Name on the door, money to be sent via paypal. I will sign my playgirl
cover for 5 USD each.
This is operational, and it is about me saying "na na na na na, na na na
na na na" to a discussion from two years ago. I have every intention to
gloat, but I will keep it to a minimum.
> On Fri, May 16, 2008 at 9:06 PM, Gadi Evron <ge at linuxbox.org> wrote:
>> At the upcoming EusecWest Sebastian Muniz will apparently unveil an IOS
>> rootkit. skip below for the news item itself.
>> We've had discussions on this before, here and elsewhere. I've been
>> heavily attacked on the subject of considering router security as an issue
>> when compared to routing security.
>> I have a lot to say about this, looking into this threat for a
>> few years now and having engaged different organizations within Cisco on
>> the subject in the past. Due to what I refer to as an "NDA of
>> honour" I will just relay the following until it is "officially" public,
>> then consider what should be made public, including:
>> 1. Current defense startegies possible with Cisco gear
>> 2. Third party defense strategies (yes, they now exist)
>> 2. Cisco response (no names or exact quotes will likely be given)
>> 3. A bet on when such a rootkit would be public, and who won it
>> (participants are.. "relevant people").
>> "A security researcher has developed malicious rootkit software for
>> Cisco's routers, a development that has placed increasing scrutiny on the
>> routers that carry the majority of the Internet's traffic.
>> Sebastian Muniz, a researcher with Core Security Technologies, developed
>> the software, which he will unveil on May 22 at the EuSecWest conference
>> in London. "
>> Gadi Evron.
>> NANOG mailing list
>> NANOG at nanog.org
More information about the NANOG