I saw FX speak on Cisco IOS forensics at Black Hat DC 2008. I just got a chance to read his excellent post On IOS Rootkits. I was impressed to read FX's pointer to his company's Cisco Incident Response - CIR Online Service, with a specific report run on Sebastian 'topo' Muniz's IOS rootkit. Also, consider this from FX's post:
Now that some people actually talk about IOS rootkits, interesting tidbits show up. One person asked me if we have tested CIR with the Russian IOS rootkit that was for sale a few years ago. No, we didn't, but good to know that these exist.
Russian IOS rootkit... interesting. How much proof do we need to Monitor our routers?
Jumat, 06 Juni 2008
FX on Cisco IOS Rootkits
03.55
No comments
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar