Fwd: [NANOG] IOS rootkits

[n3td3v <xploitable () gmail com>]

---------- Forwarded message ----------
From: n3td3v <xploitable () gmail com>
Date: Sat, May 17, 2008 at 12:08 PM
Subject: Re: [NANOG] IOS rootkits
To: nanog () merit edu


On Sat, May 17, 2008 at 11:12 AM, Suresh Ramasubramanian
<ops.lists () gmail com> wrote:
> On Sat, May 17, 2008 at 12:47 PM, Matthew Moyle-Croft
> <mmc () internode com au> wrote:
> > If the way of running this isn't out in the wild and it's actually
> > dangerous then a pox on anyone who releases it, especially to gain
> > publicity at the expensive of network operators sleep and well being.
> > May you never find a reliable route ever again.
>
> This needs fixing. It doesnt need publicity at security conferences
> till after cisco gets presented this stuff first and asked to release
> an emergency patch.

Agreed,

You've got to remember though that a security conference is a
commercial venture, it makes business sense for this to be publically
announced at this security conference.

I think security conferences have become something that sucks as its
all become money making oriented and the people who run these things
don't really have security in mind, just the £ signs reflecting on
their eye balls.

> --srs
> --
> Suresh Ramasubramanian (ops.lists () gmail com)

All the best,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/