[183758] in North American Network Operators' Group

Re: Synful Knock questions...

daemon@ATHENA.MIT.EDU (Michael Douglas)
Tue Sep 15 14:35:50 2015

X-Original-To: nanog@nanog.org
In-Reply-To: <00c201d0efe2$8c556b40$a50041c0$@truenet.com>
Date: Tue, 15 Sep 2015 14:35:44 -0400
From: Michael Douglas <Michael.Douglas@IEEE.org>
To: eric-list@truenet.com, NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

Does anyone have a sample of a backdoored IOS image?

On Tue, Sep 15, 2015 at 2:15 PM, <eric-list@truenet.com> wrote:

> I'm sure most have already seen the CVE from Cisco, and I was just reading
> through the documentation from FireEye:
>
> https://www.fireeye.com/blog/threat-research/2015/09/synful_knock_-_acis.html
>
> Question is that it looks to me like they are over-writing the ospf response
> for "show ip ospf timers lsa-group"?
> And if that's the case I'm guessing the router would need to have ospf
> enabled to be able to see the response?
>
>
> Sincerely,
>
> Eric Tykwinski
> TrueNet, Inc.
> P: 610-429-8300
> F: 610-429-3222