Firewall Wizards mailing list archives
RE: Worms, Air Gaps and Responsibility
From: "Nathan C. Smith" <smith () ipmvs com>
Date: Thu, 13 May 2004 08:33:49 -0500
Won't it be interesting when people start looking for ways to exploit consumer appliances like Wireless Access Points, SOHO Routers, Tivos, x-boxes, and other "set-top" boxes that are unhardened in the consumer realm?

A "set-top box", once infected, might have no way to clear its infection short of returning it to the distributor if the programmer was clever enough. There are a whole range of devices, with more coming on-line every day that are well-connected and exposed. These boxes with common OS-variants - Linux, Windows and RTOS that will be relatively inexpensive, so there will be access to the equipment, and common vulnerabilities will be available and may go unpatched.

-Nate

Paul,

Even Cisco is not immune to the exploits.

http://www.enterprisenetworksandservers.com/monthly/art.php/290

While this was patched quickly by ISPs and others, it did cause intermittent outages across the Internet for a period of time (several days).

Excerpt from article; "On Wednesday, July 16, 2003, Cisco Systems published an advisory warning that Cisco IOS - the operating software of the most widely used routers and switches in the world - was carrying a vulnerability that could put any unprotected IOS device out of order. Two days later, an "exploit" was published on a public mailing list, where hackers explained in detail how to reproduce the very packet sequence that would allow anyone to "exploit" the vulnerability and bring any unprotected device down."

Then there was the Nimda worm which affected Cisco Cable Modem devices (800 Series), while not critical infrastructure, this disrupted many households' Internet Access.

I think it is fair to say any OS has had its share of vulnerabilities over the years (some more than others in terms of numbers, but that does not necessarily account for the severity). A good share of these have allowed remote execution of code (System=Owned).

Some Historical Examples; Sadmind for Solaris, Rootkits for Unix taking advantage of Portmapper flaws, Nimda/CodeRed and Slammer for MS. There are many others, these are just some off the top of my head. To say that any one of these is worse than the other is simply favoritism as they all allowed Root/Administrator access to the system.