Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cisco IOS Shellcode Presentation

From: Michael Holstein <michael.holstein () csuohio edu>
Date: Fri, 29 Jul 2005 14:59:17 -0400
How about adopting an architecture that incorporates special-purpose security safeguards into the CPU? Routers and switches don't need to execute arbitrary code, Cisco knows ahead of time, before they deploy a product, what code that product should be allowed to execute.
But how many times over the years has a IOS upgrade added a useful feature? .. securing the physical hardware to not accept new (aka: 'arbitrary') code would make a *lot* of rack-mount paperweights. 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: