lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.62.0805162006340.23118@linuxbox.org>
Date: Fri, 16 May 2008 20:07:51 -0500 (CDT)
From: Gadi Evron <ge@...uxbox.org>
To: bugtraq@...urityfocus.com
Cc: full-disclsoure@...ts.grok.org.uk, funsec@...uxbox.org
Subject: IOS rootkits

At the upcoming EusecWest Sebastian Muniz will apparently unveil an IOS 
rootkit. skip below for the news item itself.

We've had discussions on this before, here and elsewhere. I've been heavily 
attacked on the subject of considering router security as an issue when 
compared to routing security.

I have a lot to say about this, looking into this threat for a few years now 
and having engaged different organizations within Cisco on the subject in the 
past.  Due to what I refer to as an "NDA of honour" I will just relay the 
following until it is "officially" public, then consider what should be made 
public, including:

1. Current defense startegies possible with Cisco gear
2. Third party defense strategies (yes, they now exist)
2. Cisco response (no names or exact quotes will likely be given)
3. A bet on when such a rootkit would be public, and who won it (participants 
are.. "relevant people").

From:
http://www.networkworld.com/news/2008/051408-hacker-writes-rootkit-for-ciscos.html

"A security researcher has developed malicious rootkit software for Cisco's 
routers, a development that has placed increasing scrutiny on the routers that 
carry the majority of the Internet's traffic.

Sebastian Muniz, a researcher with Core Security Technologies, developed the 
software, which he will unveil on May 22 at the EuSecWest conference in London. "

 	Gadi Evron.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ