nanog mailing list archives
RE: Internet vulnerabilities
From: "jnelson" <jnelson () rackspace com>
Date: Thu, 4 Jul 2002 16:20:27 -0500
Keep the gloves up...cruft...lol, but if you wanted to compare Cisco "features", I've dealt with some bugs that would cook your hair. Unfortunately, I've only worked with Juniper in an MPLS lab--but I've heard some good things concerning their reliability (but mostly form people that won't shut up about FreeBSD, so take it for what it is). j -----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Richard A Steenbergen Sent: Thursday, July 04, 2002 4:07 PM To: jnelson Cc: 'batz'; 'Jason Lewis'; nanog () merit edu Subject: Re: Internet vulnerabilities On Thu, Jul 04, 2002 at 02:47:24PM -0500, jnelson wrote:
How about this: ISP X had its tftp server compromised by a wily hacker who evaded tripwire and covered his track well, uploaded some cracked Cisco code (the current release for their GSRs). This code was designed to
corrupt
the directories and shut down the router at date XX:XX:XX. Each of
these
affected GSRs, 7-five new roll-outs and 2 upgrades--went down at the same time (save one who's time was no set correctly). Each site had to driven to, flashcards replaced. ISP X severely crippled for 6 hours.
The
hacker could have gone the extra leg to have the tftp server expunge
the
backup configs at the same time--extra couple hours--but did not.
Who needs malicious hacking, running the latest code for a GSR will crash your network just fine... The specific crash date and time functionality hadn't been added yet though, maybe you could put in a feature request. :) Besides, if someone actually did get the IOS code (laugh) AND manage to compile images out of that cruft, I'm pretty sure changing the MD5 signature on cco would be the least of their problems. -- Richard A Steenbergen <ras () e-gerbil net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
Current thread:
- Re: Internet vulnerabilities, (continued)
- Re: Internet vulnerabilities Jason Lewis (Jul 04)
- RE: Internet vulnerabilities Phil Rosenthal (Jul 04)
- RE: Internet vulnerabilities Deepak Jain (Jul 04)
- RE: Internet vulnerabilities Stephen J. Wilcox (Jul 05)
- Re: Internet vulnerabilities Eric Gauthier (Jul 05)
- Re: Internet vulnerabilities Randy Bush (Jul 05)
- RE: Internet vulnerabilities Deepak Jain (Jul 04)
- Re: Internet vulnerabilities Sandy Harris (Jul 04)
- RE: Internet vulnerabilities jnelson (Jul 04)
- Re: Internet vulnerabilities Richard A Steenbergen (Jul 04)
- RE: Internet vulnerabilities jnelson (Jul 04)
- RE: Internet vulnerabilities Martin Hannigan (Jul 04)
- Re: Internet vulnerabilities David Lesher (Jul 04)
- Re: Internet vulnerabilities Paul Vixie (Jul 04)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 04)
- Re: Internet vulnerabilities Paul Vixie (Jul 04)
- Re: Internet vulnerabilities E.B. Dreger (Jul 04)
- Re: Internet vulnerabilities Bill Woodcock (Jul 04)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
- Re: Internet vulnerabilities Bill Woodcock (Jul 05)