[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: Cisco exploits/vulnerabilities
From:       Paul Ferguson <pferguso () cisco ! com>
Date:       1997-07-09 10:13:57
[Download RAW message or body]

At 08:56 AM 07/09/97 -0500, Bertrum Carroll wrote:

>It looks as if most of these attacks require access to the router
>console.  If this is true, that's pretty good security.
>
>Or did I miss something?
>

You missed something.  :-)

Configuring protection, or conversely, opening holes, must be
done from the configuration perspective. Configuring can be
done from the console or from a TELNET VTY connection.

Routers are similar in nature to other computer systems, with
the exception being that they are highly specialized systems
tailored to the task of packet forwarding and maintaining,
calculating, and propagating routing information.

If they are configured incorrectly, thay can be extremely
vulnerable. If they configured correctly, they can be
almost (dare I say it) bulletproof.

Having said that, of course, there are denial of service
attacks which can test the mettle of virtually any system,
and some systems are better than others in how they respond
to hostile attacks.

- paul

[prev in list] [next in list] [prev in thread] [next in thread]