[NANOG] IOS rootkits

travis+ml-nanog at subspacefield.org travis+ml-nanog at subspacefield.org
Sat May 17 14:34:19 UTC 2008


On Sat, May 17, 2008 at 04:47:02PM +0930, Matthew Moyle-Croft wrote:
> I'm sure it'll be good for a number of security providers to hawk their 
> wares.
> 
> If the way of running this isn't out in the wild and it's actually 
> dangerous then a pox on anyone who releases it, especially to gain 
> publicity at the expensive of network operators sleep and well being.   
> May you never find a reliable route ever again.

I personally like Gadi's work, but not as much as I like getting my
packets to their destination.  I personally don't quite understand why
netops keep buying proprietary, closed technology for routers, but I'm
not and have never been a netop so I'm sure there's good reasons.  To
me it seems that if you need reliable router hardware, you can buy
that from a vendor, but in theory I don't see why the software for
routers couldn't be much more open.  When I can, I reflash my WAPs
with DD-WRT, because at least then I understand the system (and you
can't secure what you don't understand), but I am not saying that's
much of a comparison.

So, speaking of hawking wares... ;-)

Since I see some disclosure discussions brewing here, so I thought I'd
mention that I have a free online book on security, and I'm trying to
capture all the arguments about disclosure policies so that they don't
ever have to be rehashed.  Instead, we can just point someone to it,
and move on.

Here's the section on disclosure:

http://www.subspacefield.org/security/security_concepts.html#tth_sEc25.1

I'm numbering them for your convenience, so that if for some reason
you want to state a particular argument, you can compress the
conversation by simply giving its index. ;-)

HHOS,
Travis
-- 
Crypto ergo sum.  https://www.subspacefield.org/~travis/
If you are a spammer, please email john at subspacefield.org to get blacklisted.




More information about the NANOG mailing list