Results 1 to 6 of 6

Thread: Exploiting Cisco Routers: Part 2

  1. #1
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325

    Exploiting Cisco Routers: Part 2

    Securityfocus has published another article/doc on Exploiting Cisco Routers.

    It is just building on part one, mostly. It seems that they really like to exploit the http server that some cisco routers come with...

    Isn't that the first thing people disable?! I know it is for me.

    Anywho... enjoy.

    http://www.securityfocus.com/infocus/1749
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  2. #2
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Heh, seeing how cisco in their infinite wisdom uses IIS to power their webserver? Nuff said

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    nebulus200: I didn't realize that Cisco used IIS...

    I actaully like their routers. They are fun to play on and configure.

    Then again... I've only used Cisco and Motorolla Vanguard routers...
    (besides the home broadband routers)
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #4
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    I never said I didn't like their routers, just wasn't thrilled that they like to use IIS on the backend...take a look at IIS vulnerabilities, around 50% of the time, you will see cisco listed as one of the vulnerable vendors...

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  5. #5
    Junior Member
    Join Date
    Oct 2002
    Posts
    7
    Then why do we not hear about cisco router exploits as often as webservers using IIS?
    I think that cisco updates their stuff very well. Much better than any other compnany using IIS.

  6. #6
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    One particular annoyance is that the web admin console does not offer most of the useful CLI commands/options. Cisco has a wonderful reputation for network hardware but from time to time, when I see IIS used to power the web admin console and spotty issues with new IOS releases, I begin to wonder if the patients are trunning the asylum in their QA lab.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •