North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IOS worm clarification

  • From: Henry Linneweh
  • Date: Mon Sep 19 22:25:16 2005

Andre;
Thanks for your review and language skills in this
area, the article translated was even a mess
on babelfish and left more questions than answers

-Henry

--- "J. Oquendo" <[email protected]> wrote:

> 
> 
> /////////////////////////////////
> From: Andrei Mikhailovsky <[email protected]>
> Reply-To: [email protected]
> To: [email protected]
> Subject: Re: [Full-disclosure] Cisco IOS hacked?
> 
> Hello,
> 
> Being a co-author of the "Hacking Exposed Cisco
> Networks" book and one
> of the co-founders of Arhont Ltd an Information
> Security Company that is
> doing the research for the book on Cisco Devices I
> have to make the
> following comments about the article in
> SecurityLab.ru:
> 
> The russian article
> (http://www.securitylab.ru/news/240415.php) has been
> badly paraphrased from the livejournal of one of the
> authors/researchers
> of the book. As a result of this outrageously
> inaccurate paraphrasing of
> the article many confusions and misunderstandings
> have been circling on
> the security related sources and mailing lists.
> 
> 
> Some of the issues addressed in the article are true
> and Arhont is
> currently preparing a formal advisory that will be
> sent to PSIRT.
> 
> 
> Among the discovered issues are multiple
> vulnerabilities in EIGRP
> implementation. Also, authors have addressed the
> _theoretical_ aspects
> of an algorithm for cross-platform worm that could
> spread in IOS based
> devices. The existence of the practical
> implementation of such warm is a
> complete lie. Let me assure that there has been no
> development nor the
> desire to develop such code by the authors of the
> book. The theoretical
> methodology and algorithms will be also discussed
> with PSIRT at the
> appropriate time.
> 
> 
> In addition, there has been some minor
> inconsistencies of the
> livejournal postings that will be soon addressed and
> edited.
> 
> If you have any comments on this topic we would be
> glad to address them.
> 
> --
> Andrei Mikhailovsky
> Arhont Ltd - Information Security
> /////////////////////////////////
> 
> 
> 
> 
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> GPG Key ID 0x97B43D89
>
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89
> 
> "Just one more time for the sake of sanity tell me
> why
>  explain the gravity that drove you to this..."
> Assemblage
>