Teens write script to attack Cisco devices

By Edmund X. DeJesus, Contributing Writer 30 Mar 2004 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Computer security was increased not one iota by the release of an attack script aimed at Cisco networking devices by a group of Italian teenagers. Cisco has warned users of the threat and provided code upgrades and mitigation suggestions for the vulnerabilities. Administrators who haven't yet deployed all the fixes on their devices could be hit by a rash of assaults.

The proof-of-concept code consists of a Perl script that allows the user to select an attack from a handy menu of nine choices. The attacks exploit known vulnerabilities in Cisco products, including devices running the Internetwork Operating System (IOS), routers, PIX firewalls and Catalyst switches. Helpful comments in the script explain that different sections exploit denial of service vulnerabilities, authorization problems and execution of arbitrary code. When run, the script prints useful messages, like, "Vulnerability successful [sic] exploited. Target server is down."

A preface to the script announces that, "The BlackAngels staff refuse all responsabilities [sic] for an incorrect or illegal use of this software or for eventual damages to others systems." However, it's difficult to imagine any other use for the attack script. The BlackAngels describe themselves as a group of Italian teenage boys, "expert in the network security field and programming." Their generosity in making this attack script generally available was matched by the French group K-OtiK, which published the attack script on its Web site.

Cisco has already provided fixes for all the problems that the attack script exploits, except for one denial of service issue in the Cisco 675 that can be mitigated.

Tags: Network Security Monitoring and Analysis,  Network Security Best Practices and Products,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Monitoring and Analysis Application-specific network intrusion detection systems emerge Anomaly-based intrusion protection configuration and installation How can I calculate perimeter firewall throughput? How do I find the application on my network that's dropping packets? Integrating NAC with network security tools Where can I find a sample security audit report? How can I run my own? The firewall remains the network traffic cop, but its role is changing Troubleshooting VLANs: How to monitor 802.1q tagged traffic Poor data-loss prevention practices almost cost Intel a billion How can I block my competitor's IP address range from my website? Network Security Best Practices and Products 3Com acquisition confirms HP-Cisco battle for China Enterprises demand next-generation firewalls with IPS, app visibility Preventing hacker attacks with network behavior analysis IPS Is there a way to trace my stolen laptop computer? Integrating NAC with network security tools Should organizations separate technical from administrative security? What network equipment is needed to secure a small business LAN? Ethical hacking and countermeasures: Network penetration testing intro Are you on a domain name system (DNS) blacklist database? Rogue access points: Preventing, detecting and handling best practices

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary deep packet inspection (DPI)  (SearchNetworking.com) FCAPS  (SearchNetworking.com) Nessus  (SearchNetworking.com) netstat  (SearchNetworking.com) port mirroring  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary