Category: Cisco Routes

Rootkit threatens Cisco routers

Cisco and the security community are debating the reality of rootkits attacking the Cisco’s Internetwork Operating System (IOS) after a researcher presented a proof of concept attack, which threatens Cisco routers and voice over IP phones.

At the EUSecWest conference in London, Core Security researcher Sebastian Muniz presented a proof of concept attack which he called the “Da IOS Rootkit”, a binary modification to the IOS image.

“The main feature of Da IOS Rootkit is the universal password,” Muniz said in an interview on the EUSecWest Web site. “Every call to the different password validation routines grant access to the user if the unique rootkit password is specified.”

In response to the presentation, the company has published a set of best practices. Cisco noted that “no new vulnerability on the Cisco IOS software was disclosed during the presentation. To the best of our knowledge, no exploit code has been made publicly available, and Cisco has not received any customer reports of exploitation”.

Cisco and the security community are debating the reality of rootkits attacking the Cisco’s Internetwork Operating System (IOS) after a researcher presented a proof of concept attack, which threatens Cisco routers and voice over IP phones.

At the EUSecWest conference in London, Core Security researcher Sebastian Muniz presented a proof of concept attack which he called the “Da IOS Rootkit”, a binary modification to the IOS image.

“The main feature of Da IOS Rootkit is the universal password,” Muniz said in an interview on the EUSecWest Web site. “Every call to the different password validation routines grant access to the user if the unique rootkit password is specified.”

In response to the presentation, the company has published a set of best practices. Cisco noted that “no new vulnerability on the Cisco IOS software was disclosed during the presentation. To the best of our knowledge, no exploit code has been made publicly available, and Cisco has not received any customer reports of exploitation”.

If the exploit code is made public, it could pose a further security risk to Cisco’s customers, according to Chris Gatford, senior security consultant for penetration testing firm, Pure Hacking.

“If the code reaches the wild, it could be dangerous because of the lack of security attention given to Cisco’s switches and routers,” he told ZDNet Australia.

At the AusCERT 2008 conference on the Gold Coast last week, Cisco’s chief security officer John Stewart complained that many of Cisco’s customers fail to upgrade IOS, with some still operating on version 10.3, which was released on 1995, Apr. 13. The current release is version 12.4.

“I can give them the list of known vulnerabilities, but customers still don’t want to touch it because it’s working… I think there’s a certain level of ‘well it’s working, don’t touch it, because it’s fragile, it might break’. I understand that, however I don’t find it acceptable,” he said.

Australian customers often avoid securing switches and routers, despite these devices offering a gateway to all network traffic.

“If I was to do a comparison of the number of assessments on operating systems versus networking hardware, I would say the OS and apps would be 90 per cent of what a customer is asking for and very few have us look at switches and routers. And once again, if you compromise a switch and router you own all those OSes, because you have access to all that sensitive traffic going in and out,” Pure Hacking’s Gatford said.

3Com challenges Cisco to router duel

3Com pdate is turning up the heat in the enterprise routing rival Cisco Systems.

On Monday, the company announced two new series of routers, low-cost access are designed to be substitutes or alternatives to the routers sold by Cisco. The company claims that these routers will cost 30 percent to 50 percent less than similar offerings from market leader Cisco.

3Com’s product news comes just as Cisco prepares to announce its own set of access routers. The Tuesday, Cisco is expected to reveal details of its new 1800 2800 and 3800 wide area network access routers, which will include integrated security tools and support for voice over Internet protocol.

Cisco has long dominated the enterprise router market, with more than 90 percent of the market, but competitors such as 3Com and Juniper Networks could pose a threat to the domination of the company.

Continue reading “3Com challenges Cisco to router duel”

Cisco routers get an upgrade

Cisco Systems submitted on Tuesday faster, more feature rich versions of their access routers hit in an attempt to fend off competition from rivals Juniper Networks and 3Com.

New Cisco 1800, 2800 and 3800 throughout the area network access routers feature embedded security measures and voice over Internet protocol (VoIP), a method for making phone calls over the Internet unregulated, rather than the heavily regulated and taxed traditional phone network, said Mike Volpi, senior vice president and general manager of the Group of Cisco routing technology.

Continue reading “Cisco routers get an upgrade”

Cisco’s new router delivers 322 tbps of capacity

Cisco has announced its CRS-3 Carrier Routing Process (CRS) that the company says “is designed to transform the broadband communication & entertainment industry” owing to it offering a capacity of up to 322 Terabits per second.

The CRS-3’s 322 tbps of capacity over triples the 92 tbps capacity of the Cisco CRS-1 & represents over 12 times the capacity of any other core router in the industry.

With this type of capacity, Cisco says that the whole printed collection of the Library of Congress can be downloaded in over one second; every man, woman & kid in China can make a video call, simultaneously; & every film ever created can be streamed in less than four minutes.

Cisco has announced its CRS-3 Carrier Routing Process (CRS) that the company says “is designed to transform the broadband communication & entertainment industry” owing to it offering a capacity of up to 322 Terabits per second.

The CRS-3’s 322 tbps of capacity over triples the 92 tbps capacity of the Cisco CRS-1 & represents over 12 times the capacity of any other core router in the industry.

With this type of capacity, Cisco says that the whole printed collection of the Library of Congress can be downloaded in over one second; every man, woman & kid in China can make a video call, simultaneously; & every film ever created can be streamed in less than four minutes.

The company has invested US $1.6 billion in the Cisco CRS relatives, & the CRS-3, which is currently in field trials, will have its pricing set at US $90,000. The CRS-3 is also said to offer up to 60 percent savings on power consumption compared to competitive platforms & Cisco CRS-1 customers will be able to upgrade to CRS-3 with the aid of Cisco Services.

Keith Cambron, president & CEO, AT&T Labs, says, “We are entering the next stage of global communication & entertainment services & applications, which requires a new set of advanced Net networking technologies. AT&T’s network handled 40 percent more traffic in 2009 than it did in the earlier year, & they continue to see this growth in 2010. Having leading edge experience in managing the largest global information network, they are pleased to continue our close working relationship with Cisco & its groundbreaking Cisco CRS-3 platform.”

Pankaj Patel, senior vice president & general manager, Service Provider Business, Cisco, has said, “The next generation Net is on us & they are confident that the Cisco CRS-3 will play a vital role as service providers like AT&T deliver an fascinating, new array of video, mobile, information middle & cloud services. The Cisco CRS-3 is well positioned to over on the custom of the Cisco CRS-1, become the flagship router of the future & serves as the foundation for the world’s most clever & advanced broadband networks.”