Rootkit threatens Cisco routers

Cisco and the security community are debating the reality of rootkits attacking Cisco's Internetwork Operating System (IOS) after a researcher presented a proof-of-concept attack that threatens Cisco routers and voice over IP phones.

At the EUSecWest conference in London, Core Security researcher Sebastian Muniz presented a proof-of-concept attack he named the "Da IOS Rootkit", a binary modification to the IOS image.

"The main feature of Da IOS Rootkit is the universal password," Muniz said in an interview on the EUSecWest Web site. "Every call to the different password validation routines grants access to the user if the unique rootkit password is specified."

In anticipation of Muniz's talk, Cisco published three critical patches last week.

In response to the presentation, the company has published a set of best practices. Cisco noted that "no new vulnerability on the Cisco IOS software was disclosed during the presentation. To the best of our knowledge, no exploit code has been made publicly available, and Cisco has not received any customer reports of exploitation."

If the exploit code is made public, it could pose a further security risk to Cisco's customers, according to Chris Gatford, senior security consultant for penetration testing firm Pure Hacking.

"If the code reaches the wild, it could be dangerous because of the lack of security attention given to Cisco's switches and routers," he told ZDNet Australia.

At the AusCERT 2008 conference on the Gold Coast last week, Cisco's chief security officer John Stewart complained that many of Cisco's IOS customers fail to upgrade, with some still operating on version 10.3, which was released on May 13, 1995. The current release is version 12.4.

"I can give them the list of known vulnerabilities, but customers still don't want to touch it because it's working … I think there's a certain level of 'well it's working, do not touch it, because it's fragile, it might break'. I understand that, however I do not find it acceptable," he said.

Australian customers often avoid securing switches and routers, despite these devices offering a gateway to all network traffic.

"If I was to do a comparison of the number of assessments on operating systems versus networking hardware, I would say the OS and apps would be 90 per cent of what a customer is asking for and very few have us look at the switches and routers. And once again, if you compromise a switch and router you own all the OSes, because you have access to all that sensitive traffic going in and out," said Pure Hacking's Gatford.