Internet vulnerabilities
Richard A Steenbergen
ras at e-gerbil.net
Thu Jul 4 21:07:07 UTC 2002
On Thu, Jul 04, 2002 at 02:47:24PM -0500, jnelson wrote:
>
> How about this:
> ISP X had its tftp server compromised by a wily hacker who evaded
> tripwire and covered his track well, uploaded some cracked Cisco code
> (the current release for their GSRs). This code was designed to corrupt
> the directories and shut down the router at date XX:XX:XX. Each of these
> affected GSRs, 7-five new roll-outs and 2 upgrades--went down at the
> same time (save one who's time was no set correctly). Each site had to
> driven to, flashcards replaced. ISP X severely crippled for 6 hours. The
> hacker could have gone the extra leg to have the tftp server expunge the
> backup configs at the same time--extra couple hours--but did not.
Who needs malicious hacking, running the latest code for a GSR will crash
your network just fine... The specific crash date and time functionality
hadn't been added yet though, maybe you could put in a feature request. :)
Besides, if someone actually did get the IOS code (laugh) AND manage to
compile images out of that cruft, I'm pretty sure changing the MD5
signature on cco would be the least of their problems.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
More information about the NANOG
mailing list