Re: Cisco IOS Shellcode Presentation

["Pavel Kankovsky" <peak () argo troja mff cuni cz>]

On Fri, 29 Jul 2005, Frank Knobbe wrote:

> That means that the once thought-to-be-invulnerable boxes running IOS
> are in fact as vulnerable as a Windows boxes. Once you get process
> control, you can do whatever you like.

Hmm...the fact Cisco uses general purpose CPUs (e.g. PowerPC 4xx) in their
box has been shamelessly announced by "show version" for years. Perhaps
they should sue themselves?

The presentation is nice but it does not reveal nothing you cannot find 
out yourself with a Cisco box to play with and a little bit of ingenuity.

But I can understand why they make so much fuss about it. Lynn told the 
people the emperor wears no clothes. Emperors always freak out whan it 
happens.

> (What is TCB anyway? Certainly not Trusted Computing Base :)

No. It's Transmission Control Block. See RFC 793 "Transmission Control
Protocol".

"I don't know what this stands for, and neither did the people at Cisco I
spoke with", esp. the 2nd part, is something I find rather unbelievable.
Perhaps Lynn did not talk to the right people at Cisco. Or perhaps Cisco
has already finished its transformation to the modern kind of bussines and
got rid of anyone with a clue?

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/