North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IOS Rookit: the sky isn't falling (yet)

  • From: Valdis . Kletnieks
  • Date: Tue May 27 13:57:31 2008

On Tue, 27 May 2008 10:47:08 PDT, [email protected] said:

> What you want is cisco hardware that verifies firmware signatures in 
> hardware.

Yes, but that requires new hardware.  Understanding the security risk in
accepting an unsigned MD5 signature from the same place that you accepted the
file from is a wetware issue.

Granted, at many shops hardware upgrades are easier than wetware upgrades. ;)


Attachment: pgp00006.pgp
Description: PGP signature