Cisco Live is Cisco’s annual IT and communications conference and this year is the 20th Anniversary of the Cisco Networkers program. “This year marks the 20th anniversary of Networkers, which has grown into Cisco Live, our annual IT and communications conference. Much has changed since that first conference in 1989. But one thing remains as true today as it was then: knowledge is power. That simple phrase is the perfect theme for Cisco Live 2009. Innovative, creative, and knowledgeable people and businesses will always have a powerful competitive edge. In a challenging economy, it’s even more vital to hone the [...]

On March 25, 2009, the The Cisco Product Security Incident Response Team (PSIRT) has published 8 new vulnerability advisories. Mainly these vulnerabilities are DOS attack.   1) Cisco IOS cTCP Denial of Service Vulnerability A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol (cTCP) encapsulation feature. Vulnerable Products Cisco IOS devices running versions 12.4(9)T or later and configured for Cisco Tunneling Control Protocol (cTCP) encapsulation for EZVPN server are vulnerable.

On 19 March 2009, Cisco announced its intent to acquire privately held Pure Digital Technologies Inc. San Francisco-based Pure Digital, creator of the best-selling Flip VideoTM brand, is a pioneer in developing consumer-friendly video solutions with mass-market appeal. “The acquisition of Pure Digital is key to Cisco’s strategy to expand our momentum in the media-enabled home and to capture the consumer market transition to visual networking,” said Ned Hooper, senior vice president of Cisco’s Corporate Development and Consumer Groups. “Pure Digital has revolutionized the way people capture and share video with Flip Video. This acquisition will take Cisco’s consumer business to [...]

On 4 March 2009 and on 11 March 2009, Cisco has published two new security advisories, which can be exploited by malicious people to conduct a DOS attack or a Remote control attack. 1) Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability A denial of service (DoS) vulnerability exists in the Cisco Session Border Controller (SBC) for the Cisco 7600 series routers. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

The spanning-tree protocol is used to cut loops that redundant links create in bridge networks. These packets are not attested by the system, so an attacker could spoof the BPDU and compromise the network stability! See below to understand BPDU attack: In this example the Ciscozine1 switch is elected Root Bridge due to the lower MAC-address (suppose that all the switches have the same priority).

Surfing the web, I have found a nice article about BGP weakness. This document, entitled “Defending Against BGP Man-In-The-Middle Attacks“, was presented by Earl Zmijewski during Black Hat DC 2009 (Hyatt Regency Crystal City – February 16-17 – Arlington, Virginia). The slides focus on four points: BGP Routing Basics – Enough to understand and identify the threat BGP Update Messages BGP Attributes Some real examples The Man-In-The-Middle Attack: How BGP MiTM attack work What are the techniques used by an attacker to “tune” the attack (Obscuring the MITM attack with TTL adjustment) Detecting the Attack – Methods for observing the attack [...]

NASA and Cisco Inc. announced Tuesday a partnership to develop an online collaborative global monitoring platform called the “Planetary Skin” to capture, collect, analyze and report data on environmental conditions around the world. Under the terms of a Space Act Agreement, NASA and Cisco will work together to develop the Planetary Skin as an online collaborative platform to capture and analyze data from satellite, airborne, sea- and land-based sensors across the globe. This data will be made available for the general public, governments and businesses to measure, report and verify environmental data in near-real-time to help detect and adapt to [...]