Security Incidents mailing list archives
Detecting Cisco IOS probes
From: "Mark Ryan del Moral Talabis" <talabis () gmail com>
Date: Tue, 7 Mar 2006 10:37:27 +0800
Detecting Cisco IOS probes We have detected activity directed towards Cisco IOS sytems via http. Most likely, the said activity are probes looking for live Cisco machines with vulnerable Cisco IOS software accessible via its HTTP server. Based on the signature of the probes, it seems that the following tool is being used: cisco scanner v0.2. Full analysis: http://www.philippinehoneynet.org/dataarchive.php?date=2006-02-16 Ryan Talabis Philippine Honeynet Project http://www.philippinehoneynet.org
Current thread:
- Detecting Cisco IOS probes Mark Ryan del Moral Talabis (Mar 06)
- <Possible follow-ups>
- Re: Detecting Cisco IOS probes Fergie (Mar 07)