nanog mailing list archives
Re: [NANOG] IOS rootkits
From: Mark Smith <nanog () 85d5b20a518b8f6864949bd940457dc124746ddc nosense org>
Date: Mon, 19 May 2008 07:23:12 +0930
On Sun, 18 May 2008 13:33:53 -0700 Dragos Ruiu <dr () kyx net> wrote:
On 18-May-08, at 7:11 AM, Suresh Ramasubramanian wrote:2. It can be prevented by what's widely regarded as BCP on router security, and has been covered at *nog, in cisco training material, etc etc for quite some time now. I am much less concerned about security conferences discussing this than about the (highly uninformed) publicity that accompanies these conferences.I'm not going to touch the disclosure or not debate... it's been done. But I will agree to disagree with you about the above two points. First of all about prevention, I'm not at all sure about this being covered by existing router security planning / BCP. I don't believe most operators reflash their routers periodically, nor check existing images (particularly because the tools for this integrity verification don't even exist). If I'm wrong about this I would love to be corrected with pointers to the tools.
<snip> Cisco publish an MD5 sum (and BSD 'sum' IIRC) for the IOS image just before you hit the download page, which you can record and then verify after downloading (although they could make this a *lot* easier to do by posting it after, or before and after the download). There is also a /md5 option for the IOS verify command which can be used to generate an MD5 sum for an IOS image stored on a router. Regards, Mark. -- "Sheep are slow and tasty, and therefore must remain constantly alert." - Bruce Schneier, "Beyond Fear" _______________________________________________ NANOG mailing list NANOG () nanog org http://mailman.nanog.org/mailman/listinfo/nanog
Current thread:
- Re: [NANOG] IOS rootkits, (continued)
- Re: [NANOG] IOS rootkits Gadi Evron (May 18)
- Re: [NANOG] IOS rootkits Dragos Ruiu (May 18)
- Re: [NANOG] IOS rootkits Joel Jaeggli (May 18)
- Re: [NANOG] IOS rootkits Gadi Evron (May 18)
- Re: [NANOG] IOS rootkits Joel Jaeggli (May 18)
- Re: [NANOG] IOS rootkits Gadi Evron (May 18)
- Re: [NANOG] IOS rootkits Marc Manthey (May 18)
- Re: [NANOG] IOS rootkits Gadi Evron (May 25)
- Re: [NANOG] IOS rootkits Christian (May 25)
- Re: [NANOG] IOS rootkits Aaron Glenn (May 25)
- Re: [NANOG] IOS rootkits Mark Smith (May 18)
- Re: [NANOG] IOS rootkits Suresh Ramasubramanian (May 18)
- Re: [NANOG] IOS rootkits Gadi Evron (May 18)
- Re: [NANOG] IOS rootkits travis+ml-nanog (May 17)
- Re: [NANOG] IOS rootkits Mark Smith (May 17)
- Re: [NANOG] IOS rootkits Gadi Evron (May 17)
- Re: [NANOG] IOS rootkits Mark Smith (May 17)
- Re: [NANOG] IOS rootkits Joel Jaeggli (May 17)
- Re: [NANOG] IOS rootkits Gadi Evron (May 17)