North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: IOS Rookit: the sky isn't falling (yet)
On Tue, 27 May 2008 11:02:32 CDT, Gadi Evron said: > On Tue, 27 May 2008, Jared Mauch wrote: > > *yawn* > > I guess we will wait for the next one before waking up, than. No Gadi. What Jared is saying is that there are exactly *ZERO* routers (for some infinitesimally small value of zero) that will get rootkitted that weren't *already* vulnerable to the stuff that Lynn talked about three years ago. There's basically 2 classes of Cisco routers out there: 1) Ones managed by Jared and similarly clued people, who can quite rightfully yawn because the specter of "IOS rootkits" changes nothing in their actual threat model - they put stuff in place 3 years ago to mitigate "Lynn-style IOS pwnage", and it will stop this just as well. Move along, nothing to see. 2) Ones managed by unclued people. And quite frankly, if Lynn didn't wake them up 3 years ago, this isn't going to wake them up either. Move along, nothing new to see here either. "60% of routers run by bozos who shouldn't have enable. Film at 11". *yawn*.