North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Cisco IOS Exploit Cover Up

  • From: David Barak
  • Date: Fri Jul 29 15:35:40 2005
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=U+tv5LJBtDApQMpaMoDwQOxjn2vSgm3Oflkura82GF6Fb4KDfzyGBlZfjOfgBD243w6fjxRLohNTmjHENMixKuqwwOJsfDm1Gx5M31lqEgBfC70aCfsMfMxAFamXhIcqeMQTwESYpCqLGvl/ci1JpRpjOEV3Pb7H4lXHOqiP/Eo= ;

--- Scott Morris <[email protected]> wrote:

> 
> And quite honestly, we can probably be pretty safe
> in assuming they will not
> be running IPv6 (current exploit) or SNMP (older
> exploits) or BGP (other
> exploits) or SSH (even other exploits) on that box. 
> :)  (the 1601 or the
> 2500's)

Let's see - RIP, Telnet, and SNMP are the only
services listening on the box, and those are ACLed off
at the serial interface.  I'd LOVE to run SSH, but my
image is not kind, nor is the size of the flash...

> Not everyone has to worry about these things.  Place
> and time.

Agreed - I just wanted to give a concrete example of
this stuff in the wild.


David Barak
Need Geek Rock?  Try The Franchise: 
http://www.listentothefranchise.com


		
____________________________________________________
Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs