Killing the myth of Cisco IOS rootkits: DIK (Da Ios rootKit)
Abstract
Public rootkit implementations for Cisco IOS have not been seen and
system administrators tend to think that this is not possible or
that even being possible, a generic method could not be created and
that a skilled attacker is needed to target them.
We will present DIK (Da Ios rootKit) to show that a tool like CIR is
the only available method to detect an advanced rootkit like this
and that even a tool like this is probably not enought in some cases.
Speaker
Sebastian 'topo' Muniz
I've worked for several years as a senior developer on the
telecomunications industry and for the last 2 1/2 years as Exploit
Writer at CORE Security Technologies writting exploits for multiple
platforms. In my free time i enjoy disassembling (and sometimes
event desoldering) embedded systems like my (ex)DVD Player.