Guide to Harden Cisco IOS Devices

In the last days, industry journalists have started to make a big fuzz about a Cisco IOS rootkit that someone is going to present in a few days. Personally I doubt it would go beyond Tcl scripts that we already know about (OK, maybe it's EEM-based so it doesn't need a VTY and maybe it starts at router reload) … but I might be really surprised.

However, the Cisco's response to this announcement (which was basically saying "we haven't seen anything new yet") included a nice gem: a link to the Cisco Guide to Harden Cisco IOS Devices document.

Recent posts in the same categories

10 comments:

  1. Anonymous 18 May 2008 09:54
    The link to the document was also on the last "Technical Services News", which (in my opinion) every cisco-user should subscribe: http://www.cisco.com/public/news_training/itsnews/index.html
  2. Anonymous 18 May 2008 11:41
    Hi,

    which type of account is needed to access the "Hardening IOS..."-Guide? I can't access it using my free Cisco ID... :-((
  3. Anonymous 18 May 2008 11:48
    Problem solved. This link from the Technical Services News works without "Forbidden File..."-error:

    http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml

    Karsten: I knew this site before, but where can you *subscribe* it? I don't see an option for a RSS-feed or mail-subscription which would be pretty nice.
  4. Ivan Pepelnjak 18 May 2008 11:54
    @Karsten: thanks for the additional information. It looks like my attention span is way too short :(

    @Anonymous: thanks for the link, I've corrected the post.
  5. Anonymous 18 May 2008 15:09
    Good point, I don't see an RSS feed or news link on that page. However, a person can subscribe to News@Cisco (http://newsroom.cisco.com/dlls/rss.html) and MyNews@Ciscowire (http://tools.cisco.com/newsroom/contactSearch/jsp/myNewsWelcome.jsp)

    It would be nice of Cisco to have links for RSS or new lists for content on this page. Time to contact Cisco and make a suggestion.
  6. Anonymous 18 May 2008 16:12
    You can manage all you Newsletter-Subscriptions under http://www.cisco.com/offer/subscribe
  7. Unknown 19 May 2008 13:28
    It would be nice of Cisco to have links for RSS or new lists for content on this page

    Cisco do in fact has such a beast, WITH RSS feeds and everything!

    http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

    Cheers
  8. LBSources 19 May 2008 19:47
    As Karsten said.. This is all you need.. http://www.cisco.com/offer/subscribe
  9. Anonymous 21 May 2008 09:13
    >>Personally I doubt it would go beyond Tcl scripts that we already know about<<

    It seems like it's a bit more than just a tcl script:
    http://eusecwest.com/sebastian-muniz-da-ios-rootkit.html
  10. Ivan Pepelnjak 21 May 2008 10:07
    Yes, it definitely looks like way more than a Tcl script. I'm getting impressed :)

    One more day to go and we'll see ...
Add comment
Home
Sidebar