From firewalls-gc Wed Jul 09 10:13:57 1997 From: Paul Ferguson Date: Wed, 09 Jul 1997 10:13:57 +0000 To: firewalls-gc Subject: Re: Cisco exploits/vulnerabilities X-MARC-Message: https://marc.info/?l=firewalls-gc&m=87619474410357 At 08:56 AM 07/09/97 -0500, Bertrum Carroll wrote: >It looks as if most of these attacks require access to the router >console. If this is true, that's pretty good security. > >Or did I miss something? > You missed something. :-) Configuring protection, or conversely, opening holes, must be done from the configuration perspective. Configuring can be done from the console or from a TELNET VTY connection. Routers are similar in nature to other computer systems, with the exception being that they are highly specialized systems tailored to the task of packet forwarding and maintaining, calculating, and propagating routing information. If they are configured incorrectly, thay can be extremely vulnerable. If they configured correctly, they can be almost (dare I say it) bulletproof. Having said that, of course, there are denial of service attacks which can test the mettle of virtually any system, and some systems are better than others in how they respond to hostile attacks. - paul