[NW] Hacker Writes Rootkit for Cisco's Routers - Page 2

post #11 of 13
This could be bad as routers have a fair amount of trust on any network, and are in a perfect spot to do some fun things.

Also, router firmware gets updated rarely, if ever (not uncommon for them to go over a year w/o updates). Cisco's release cycle is every 6 months, and that is only if you have a $$² support contract with them.
post #12 of 13
Oh man, this would be horrible if it was released and recoded for various scenarios. The question is, how exactly would it get on your router? Maybe they bind it into a firmware update.

edit: just read this part from article.

Quote:
The software cannot be used to break into a Cisco router -- an attacker would need to have some kind of attack code, or an administrative password on the router to install the rootkit, but once installed it can be used to silently monitor and control the device.

The rootkit runs in the router's flash memory, which contains the first commands that it uses to boot up, said EuSecWest conference organizer Dragos Ruiu.
Quote:
Still, the rootkit comes at a sensitive time for Cisco. Last week, The New York Times reported that the U.S. Federal Bureau of Investigation considers the problem of fake Cisco gear a critical U.S. infrastructure threat.

In late February the FBI culminated a two-year investigation by breaking up a counterfeit Cisco distribution network and seizing an estimated $3.5 million worth of components manufactured in China. According to an FBI presentation on Operation Cisco Raider, fake Cisco routers, switches and cards were sold to the U.S. Navy, the U.S. Marine Corps., the U.S. Air Force, the U.S. Federal Aviation Administration, and even the FBI itself.
Wow, so imagine a big corporation buying a bunch of fake Cisco gear that's already been infected with this rootkit. No one would need physical access :-x.
Edited by aod2002 - 5/16/08 at 1:42am
post #13 of 13
Wow, this would be bad if it got out to the general public... which, let's face it, it will.