Data network connectivity developments, networking business news, and related computing items.
Friday, August 12, 2005
Security Watch: Major Cisco router flaw: "Until recently, the idea of penetrating the Cisco Shellcode via remote access was fanciful. That was before security researcher Michael Lynn stepped up the lectern at this year's Black Hat conference, and after first stumbling through a deliberately faux presentation on VoIP security, proceeded to describe some (but not all) of his research to a skeptical audience. During his presentation, Lynn offered a quick demo of how he could access the root of a Cisco router remotely. ..
by remotely attacking the Cisco IOS Shellcode, you could destroy the instruction set on the hardware that tells the router to turn on again... Following Black Hat, Cisco issued an advisory detailing how flaws in the way older Cisco IOS system process IP6v packets could allow a remote user control of the router. .. 11:23:21 AM
by April, Cisco rolled out a patch via software upgrade. Problem was, neither Cisco nor ISS really explained why the patch was necessary. Applying a patch on a network router often requires that the router be shut down for a given length of time; on a busy network, this requires scheduling, to say the least. Thus, many Cisco clients may not have applied the patch .."
Internet Scammers Keep Working in Nigeria
: "In Festac Town, an entire community of scammers overnights on the Internet. By day they flaunt their smart clothes and cars and hang around the Internet cafes, trading stories about successful cons and near misses, and hatching new plots. Festac Town is where communication specialists operating underground sell foreign telephone lines over which a scammer can purport to be calling from any city in the world. Here lurk master forgers and purveyors of such software as "e-mail extractors," which can harvest e-mail addresses by the million. Now, however, a 3-year-old crackdown is yielding results, Nigerian authorities say.
Nuhu Ribadu, head of the Economic and Financial Crimes Commission, says cash and assets worth more than $700 million were recovered from suspects between May 2003 and June 2004. More than 500 suspects have been arrested, more than 100 cases are before the courts and 500 others are under investigation, he said." 11:12:31 AM