Mar
24
2009
Cisco to acquire Pure Digital Technologies

On 19 March 2009, Cisco announced its intent to acquire privately held Pure Digital Technologies Inc. San Francisco-based Pure Digital, creator of the best-selling Flip VideoTM brand, is a pioneer in developing consumer-friendly video solutions with mass-market appeal. “The acquisition of Pure Digital is key to Cisco’s strategy to expand our momentum in the media-enabled home and to capture the consumer market transition to visual networking,” said Ned Hooper, senior vice president of Cisco’s Corporate Development and Consumer Groups. “Pure Digital has revolutionized the way people capture and share video with Flip Video. This acquisition will take Cisco’s consumer business to […]

Mar
20
2009
2 new Cisco critical vulnerabilities

On 4 March 2009 and on 11 March 2009, Cisco has published two new security advisories, which can be exploited by malicious people to conduct a DOS attack or a Remote control attack. 1) Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability A denial of service (DoS) vulnerability exists in the Cisco Session Border Controller (SBC) for the Cisco 7600 series routers. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

Mar
17
2009
How to protect against BPDU attack
bpdu_attack_2

The spanning-tree protocol is used to cut loops that redundant links create in bridge networks. These packets are not attested by the system, so an attacker could spoof the BPDU and compromise the network stability! See below to understand BPDU attack: In this example the Ciscozine1 switch is elected Root Bridge due to the lower MAC-address (suppose that all the switches have the same priority).

Mar
6
2009
BGP MiTM attacks

Surfing the web, I have found a nice article about BGP weakness. This document, entitled “Defending Against BGP Man-In-The-Middle Attacks“, was presented by Earl Zmijewski during Black Hat DC 2009 (Hyatt Regency Crystal City – February 16-17 – Arlington, Virginia). The slides focus on four points: BGP Routing Basics – Enough to understand and identify the threat BGP Update Messages BGP Attributes Some real examples The Man-In-The-Middle Attack: How BGP MiTM attack work What are the techniques used by an attacker to “tune” the attack (Obscuring the MITM attack with TTL adjustment) Detecting the Attack – Methods for observing the attack […]

Mar
4
2009
Planetary Skin, a Cisco-Nasa partnership

NASA and Cisco Inc. announced Tuesday a partnership to develop an online collaborative global monitoring platform called the “Planetary Skin” to capture, collect, analyze and report data on environmental conditions around the world. Under the terms of a Space Act Agreement, NASA and Cisco will work together to develop the Planetary Skin as an online collaborative platform to capture and analyze data from satellite, airborne, sea- and land-based sensors across the globe. This data will be made available for the general public, governments and businesses to measure, report and verify environmental data in near-real-time to help detect and adapt to […]

Feb
26
2009
3 new Cisco critical vulnerabilities

On 25 February 2009, Cisco has published three new security advisories, which can be exploited by malicious people to conduct a DOS attack or a Remote control attack. 1) Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Cisco ACE Module and Cisco ACE 4710 Application Control Engine contain multiple vulnerabilities that, if exploited, can result in any of the following impacts: Administrative level access via default user names and passwords Privilege escalation A denial of service (DoS) condition

Feb
24
2009
Cisco IOS causes Internet disruption

On February 16th, SuproNet, a local Czech provider, single-handedly caused a global Internet meltdown for upwards of an hour today. SuproNet accomplished this feat by sending out a rather unusual routing update, one which a lot of routers did not handle very well. The result was Internet bedlam. “What we think happened next is the Internet equivalent of a massive buffer overflow. While most of the core routers run by major ISPs fared just fine, processing the ridiculous path and sending it on, others choked. Perhaps they weren’t as well maintained or were running buggy software. These routers viewed the […]

Feb
21
2009
WebEx for mobile

Cisco has unveiled plans to bring its WebEx online meeting service to a new crop of smartphones. The announcement, at Mobile World Congress, means users will be able to join Cisco WebEx Meeting Center web and audio conferences on smartphones including the BlackBerry Bold, BlackBerry Curve 8900, and BlackBerry Storm from RIM, the Nokia E71, Nokia E75, Nokia N97, and other Nokia Eseries and Nseries, and the Samsung Blackjack II. They will be able to participate in audio and web conferencing via 3G or Wi-Fi, attend scheduled meetings and view presentations, applications and desktops with live annotations. In addition, Cisco […]

Feb
17
2009
Use MRTG to monitor bandwidth

In “An introduction to SNMP” I have explained how SNMP protocol works and how use it; but what are the softwares that use SNMP to monitor network bandwith? HP Openview, Ciscoworks, MRTG are some examples. In this article I will explain how monitor Cisco Switches/Routers bandwith under a Linux machine using a free open source tool: MRTG. The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links. MRTG generates HTML pages containing PNG images which provide a LIVE visual representation of this traffic. MRTG consists of a Perl script which uses SNMP to read the traffic counters […]

Feb
10
2009
Why use HSRP version 2?

Not everyone knows that HSRP, a fault-tolerant default gateway protocol, has two versions: version 1 (the default) and version two. The second version was integrated from IOS Release 12.2(25)S. HSRP Version 2 features: It advertises and learns millisecond timer values. This change ensures stability of the HSRP groups in all cases. It expands the group number range from 0 to 4095 and consequently uses a new MAC address range 0000.0C9F.F000 to 0000.0C9F.FFFF. It provides improved management and troubleshooting: the HSRP version 2 packet format includes a 6-byte identifier field that is used to uniquely identify the sender of the message. Typically, this field […]