IOS worm clarification

Henry Linneweh hrlinneweh at sbcglobal.net
Tue Sep 20 02:23:58 UTC 2005


Andre;
Thanks for your review and language skills in this
area, the article translated was even a mess
on babelfish and left more questions than answers

-Henry

--- "J. Oquendo" <sil at politrix.org> wrote:

> 
> 
> /////////////////////////////////
> From: Andrei Mikhailovsky <mlists at arhont.com>
> Reply-To: andrei at arhont.com
> To: ciscoioshehehe at yandex.ru
> Subject: Re: [Full-disclosure] Cisco IOS hacked?
> 
> Hello,
> 
> Being a co-author of the "Hacking Exposed Cisco
> Networks" book and one
> of the co-founders of Arhont Ltd an Information
> Security Company that is
> doing the research for the book on Cisco Devices I
> have to make the
> following comments about the article in
> SecurityLab.ru:
> 
> The russian article
> (http://www.securitylab.ru/news/240415.php) has been
> badly paraphrased from the livejournal of one of the
> authors/researchers
> of the book. As a result of this outrageously
> inaccurate paraphrasing of
> the article many confusions and misunderstandings
> have been circling on
> the security related sources and mailing lists.
> 
> 
> Some of the issues addressed in the article are true
> and Arhont is
> currently preparing a formal advisory that will be
> sent to PSIRT.
> 
> 
> Among the discovered issues are multiple
> vulnerabilities in EIGRP
> implementation. Also, authors have addressed the
> _theoretical_ aspects
> of an algorithm for cross-platform worm that could
> spread in IOS based
> devices. The existence of the practical
> implementation of such warm is a
> complete lie. Let me assure that there has been no
> development nor the
> desire to develop such code by the authors of the
> book. The theoretical
> methodology and algorithms will be also discussed
> with PSIRT at the
> appropriate time.
> 
> 
> In addition, there has been some minor
> inconsistencies of the
> livejournal postings that will be soon addressed and
> edited.
> 
> If you have any comments on this topic we would be
> glad to address them.
> 
> --
> Andrei Mikhailovsky
> Arhont Ltd - Information Security
> /////////////////////////////////
> 
> 
> 
> 
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> GPG Key ID 0x97B43D89
>
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89
> 
> "Just one more time for the sake of sanity tell me
> why
>  explain the gravity that drove you to this..."
> Assemblage
> 




More information about the NANOG mailing list