nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IOS worm clarification

From: Henry Linneweh <hrlinneweh () sbcglobal net>
Date: Mon, 19 Sep 2005 19:23:58 -0700 (PDT)

Andre;
Thanks for your review and language skills in this
area, the article translated was even a mess
on babelfish and left more questions than answers

-Henry

--- "J. Oquendo" <sil () politrix org> wrote:




/////////////////////////////////
From: Andrei Mikhailovsky <mlists () arhont com>
Reply-To: andrei () arhont com
To: ciscoioshehehe () yandex ru
Subject: Re: [Full-disclosure] Cisco IOS hacked?

Hello,

Being a co-author of the "Hacking Exposed Cisco
Networks" book and one
of the co-founders of Arhont Ltd an Information
Security Company that is
doing the research for the book on Cisco Devices I
have to make the
following comments about the article in
SecurityLab.ru:

The russian article
(http://www.securitylab.ru/news/240415.php) has been
badly paraphrased from the livejournal of one of the
authors/researchers
of the book. As a result of this outrageously
inaccurate paraphrasing of
the article many confusions and misunderstandings
have been circling on
the security related sources and mailing lists.


Some of the issues addressed in the article are true
and Arhont is
currently preparing a formal advisory that will be
sent to PSIRT.


Among the discovered issues are multiple
vulnerabilities in EIGRP
implementation. Also, authors have addressed the
_theoretical_ aspects
of an algorithm for cross-platform worm that could
spread in IOS based
devices. The existence of the practical
implementation of such warm is a
complete lie. Let me assure that there has been no
development nor the
desire to develop such code by the authors of the
book. The theoretical
methodology and algorithms will be also discussed
with PSIRT at the
appropriate time.


In addition, there has been some minor
inconsistencies of the
livejournal postings that will be soon addressed and
edited.

If you have any comments on this topic we would be
glad to address them.

--
Andrei Mikhailovsky
Arhont Ltd - Information Security
/////////////////////////////////




=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x97B43D89


http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89


"Just one more time for the sake of sanity tell me
why
 explain the gravity that drove you to this..."
Assemblage
Previous By Date Next
Previous By Thread Next

Current thread: