-
We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
cisco ios code stolen
- Thread starter FreshPrince
- Start date
Originally posted by: amdfanboy
Owned
unconfirmed
Originally posted by: mboy
Posted yesterday I beleive and I thought Cisco did confirm it?
is there a statement or anything?
What a black eye for cisco, especially since they've been pushing security so hard.
:roll:
-edit-
from informationweek.com
Cisco Systems says it's investigating a report by SecurityLab, a Russian Web site, that the source code for its primary operating system was stolen last week.
In a statement E-mailed to InformationWeek on Monday, the networking-gear maker said it is "fully aware that a potential compromise of its proprietary information occurred and was reported on a public Web site just prior to the weekend. Cisco is fully investigating what happened."
The code reportedly leaked onto the Internet is Cisco's IOS 12.3, the most recent version of its network operating system which runs many of its routers and the hardware that supports the backbone of the Internet.
Security experts warn that if the report is true and Cisco's proprietary code has been made available on the Internet, hackers could comb through that code in search of potential security flaws. However, earlier this year, some code used in Microsoft's Windows NT and Windows 2000 operating system was leaked to the Internet and no major attacks can be attributed to that incident.
Cisco customers have been placed at risk due to a handful of security issues relating to Cisco's software in recent weeks. In mid-April, the company acknowledged a security flaw with its proprietary Lightweight Extensible Authentication Protocol and released a new version of that protocol which the company said eliminated the threat of attack.
Just weeks prior to that incident, a hacker attack tool, dubbed "Cisco Global Exploiter," surfaced on the Internet. The tool makes it possible for hackers to attack nearly a dozen security vulnerabilities found in various Cisco products.
Originally posted by: n0cmonkey
If we get confirmation... Wow, could be scary.
I hate the "self defending network" idea, but the commercials rock. Always exciting in the security dept. 🙂
some of their NAC stuff is really nice. I'm seriously considering pursuing it this year.
Originally posted by: spidey07
Originally posted by: n0cmonkey
If we get confirmation... Wow, could be scary.
I hate the "self defending network" idea, but the commercials rock. Always exciting in the security dept. 🙂
some of their NAC stuff is really nice. I'm seriously considering pursuing it this year.
Yes it is. I'm waiting for it to filter down into the 2950's so we can pursue it too. Right now I think it's only available in some of the high-end routers. I doubt we'll see it in the 2950's before the end of the summer though, and I think this is my last summer working here.
Originally posted by: Boscoh
Originally posted by: spidey07
Originally posted by: n0cmonkey
If we get confirmation... Wow, could be scary.
I hate the "self defending network" idea, but the commercials rock. Always exciting in the security dept. 🙂
some of their NAC stuff is really nice. I'm seriously considering pursuing it this year.
Yes it is. I'm waiting for it to filter down into the 2950's so we can pursue it too. Right now I think it's only available in some of the high-end routers. I doubt we'll see it in the 2950's before the end of the summer though, and I think this is my last summer working here.
our campus is all 6500s so hardware isn't a problem.
🙂
Originally posted by: spidey07
Originally posted by: n0cmonkey
If we get confirmation... Wow, could be scary.
I hate the "self defending network" idea, but the commercials rock. Always exciting in the security dept. 🙂
some of their NAC stuff is really nice. I'm seriously considering pursuing it this year.
I forget what it was that I was looking at. Basically the IDS threw an ACL on a router to block access after a rule was triggered. The idea is utter crap, IMO, although I don't know much about their implimentation.
Originally posted by: n0cmonkey
Originally posted by: spidey07
Originally posted by: n0cmonkey
If we get confirmation... Wow, could be scary.
I hate the "self defending network" idea, but the commercials rock. Always exciting in the security dept. 🙂
some of their NAC stuff is really nice. I'm seriously considering pursuing it this year.
I forget what it was that I was looking at. Basically the IDS threw an ACL on a router to block access after a rule was triggered. The idea is utter crap, IMO, although I don't know much about their implimentation.
That's generally what IDS's do...that and TCP-Resets on the session. The problem with any IDS is that they recieve *copies* of the traffic (a la SPAN port), so by the time they've seen the copy, had time to match the pattern, written an ACL or a shun to a router/firewall, or done a reset quite a few packets could have already gotten to the intended victim.
That's why IPS's are so much more promising. Basically an IDS that sits in-line. Sort of like a SPI firewall with all the inspection capabilities of an IDS.
Originally posted by: Boscoh
Originally posted by: n0cmonkey
Originally posted by: spidey07
Originally posted by: n0cmonkey
If we get confirmation... Wow, could be scary.
I hate the "self defending network" idea, but the commercials rock. Always exciting in the security dept. 🙂
some of their NAC stuff is really nice. I'm seriously considering pursuing it this year.
I forget what it was that I was looking at. Basically the IDS threw an ACL on a router to block access after a rule was triggered. The idea is utter crap, IMO, although I don't know much about their implimentation.
That's generally what IDS's do...that and TCP-Resets on the session.
Nope. IDSes are generally passive.
The problem with any IDS is that they recieve *copies* of the traffic (a la SPAN port), so by the time they've seen the copy, had time to match the pattern, written an ACL or a shun to a router/firewall, or done a reset quite a few packets could have already gotten to the intended victim.
That's why IPS's are so much more promising. Basically an IDS that sits in-line. Sort of like a SPI firewall with all the inspection capabilities of an IDS.
Yeah, I'm aware of the technology. I just think it's a joke.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 25K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 24K
-
-
