North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Cisco IOS Exploit Cover Up
On Fri, 29 Jul 2005, Stephen Fulton wrote: > > Petri Helenius wrote: > > > Fortunately destructive worms don't usually get too wide distribution > > because they don't survive long. > > That assumes that the worm must "discover" exploitable hosts. What if > those hosts have already been identified through other means previously? > A nation, terrorist or criminal with the means could very well > compile a relatively accurate database and use such a worm to attack > specific targets, and those attacks need not be destructive/disruptive. and why pray-tell would they bother with any of this complex 'remote exploit' crap when they can send a stream of 3mbps at any cisco and crunch it? as someone said before, the 'big deal' in the talk was: "Hey, IOS is just like everyother OS, it has heap/stack overflows that you can smash and get arbitrary code to run on."