
MemeStreams Discussion



This page contains all of the posts and discussion on MemeStreams referencing the following web page: ComputerWire - More Abaddon Cisco IOS Talk Details.

ComputerWire - More Abaddon Cisco IOS Talk Details
by Rattle at 5:14 am EDT, Jul 28, 2005

“By and large the whole thing is software, it’s just a computer,” he said of his demo Cisco router. “They do have a memory architecture that is kinda weird, but it’s not alien. They have buffers, if you copy more to that buffer than you should, it will overflow.”

Lynn gave much kudos to IOS’s programmers, saying it was “not easy” to hack around its countermeasures. The software almost never uses the “stack” part of memory that is the target of many overflow attacks against other products.

He said instead that attacks against IOS will almost always be against the “heap” part of memory. But this requires the attacker to forcibly terminate an IOS routine he called “check heap”, which he said is designed to prevent such attacks.

Lynn apparently did this by convincing “check heap” that it was already crashing and getting it into an infinite loop that caused other parts of the software to close it down, giving a window of a few minutes for the real attack to be executed.

“People weren’t doing this [kind of research], it wasn’t supposed to be possible, so there are still a lot of bugs in there to find,” he said. “That digital Pearl Harbor that politicians talking about, I don’t know if it will happen but I know what it will look like if we don’t change the way we look at IOS.”

It will be called the Ciscopocalypse.


 
 