nanog mailing list archives
Re: CISCO 0-day exploits
From: Harlan Stenn <stenn () nwtime org>
Date: Tue, 11 Feb 2020 03:07:05 -0800
On 2/11/2020 2:04 AM, Saku Ytti wrote:
On Tue, 11 Feb 2020 at 09:09, Ahmed Borno <amaged () gmail com> wrote:So yeah iACLs, CoPP and all sorts of basic precautions are needed, but I'm thinking something more needs to be done, specially if these ancient code stacks are being imported into new age 'IoT' devices, multiplying the attack vector by a factor of too many.I can't see situation getting better. Why should vendor invest in high quality code, certainly the cultural shift will cost something, it's not 0 cost and what is the upside? If IOS and JunOS realistically were significantly less buggy many of us would stop buying support, because we either know how to configure these or can get help faster free from the community, we largely need the support because the software quality is so bad _everyone_ finds new bugs all the time and we don't have the source code to fix it as a community. So I suspect significantly better quality software would at least initially cost more to produce and it would reduce revenue in loss of support.
Yeah, things need to get better, and soon. At least, some things... Was I too subtle just now? -- Harlan Stenn <stenn () nwtime org> http://networktimefoundation.org - be a member!
Current thread:
- CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 07)
- Re: CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 10)
- Re: CISCO 0-day exploits tim () pelican org (Feb 10)
- Re: CISCO 0-day exploits Saku Ytti (Feb 10)
- Re: CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 10)
- Re: CISCO 0-day exploits Tom Hill (Feb 10)
- Re: CISCO 0-day exploits Ahmed Borno (Feb 10)
- Re: CISCO 0-day exploits Saku Ytti (Feb 11)
- Re: CISCO 0-day exploits Harlan Stenn (Feb 11)
- Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
- Re: CISCO 0-day exploits Saku Ytti (Feb 11)
- Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
- Re: CISCO 0-day exploits sronan (Feb 11)
- Re: CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 10)
- <Possible follow-ups>
- Re: CISCO 0-day exploits Scott Weeks (Feb 10)
- Re: CISCO 0-day exploits Justin Wilson (Feb 10)
- Re: CISCO 0-day exploits Tom Hill (Feb 10)