nanog mailing list archives

Re: CISCO 0-day exploits

From: Tom Hill <tom () ninjabadger net>
Date: Mon, 10 Feb 2020 18:54:02 +0000

On 10/02/2020 18:13, Scott Weeks wrote:

Just because you use cisco devices doesn't mean you have to use 
their proprietary protocols, such as EIGRP or CDP.  OSPF or LLDP
work just fine and interoperate with other vendors... :)



The CDPwn vulnerability covers similar vulnerabilities in LLDP, and does
indeed demonstrate that network segmentation (i.e. "dude it's just L2")
is not the last word in mitigating against said vulnerabilities.

You ought to all be far more concerned, IMO.

-- 
Tom

Current thread:

Re: CISCO 0-day exploits, (continued)
- - - Re: CISCO 0-day exploits Tom Hill (Feb 10)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 10)
    - Re: CISCO 0-day exploits Saku Ytti (Feb 11)
    - Re: CISCO 0-day exploits Harlan Stenn (Feb 11)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
    - Re: CISCO 0-day exploits Saku Ytti (Feb 11)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
    - Re: CISCO 0-day exploits sronan (Feb 11)
- Re: CISCO 0-day exploits Scott Weeks (Feb 10)
  - Re: CISCO 0-day exploits Justin Wilson (Feb 10)
  - Re: CISCO 0-day exploits Tom Hill (Feb 10)