In the Cisco IOS are so many features and functions implemented, that some of
this, implemented for normal use
and operating, can be used for abuse, information gathering, port scanning,
(D)DoS Attacks or creating a
simple Spambot. TCL scripting open's a new wide range creating your own IOS
functions on the Device. And in
combination with other new functions like "EEM" (Embedded Event Manager) or
"ESM" (Embedded Syslog Manager)
it's possible, to react on system attitude or special events.
All this features normaly "helps" the the Networkadministrators in his daily
work. During this presentation,
you w'll see the "dark side" of some functions and the networkdevices are
changing to "self attacking
networks".
christoph
christoph weber (44) / security engineer
working since more then 20 years in the IT, security and networking eviroment.
Last 5 years for a big internet provider in switzerland in the security and
networking department.
Additionaly in different privat security and/or network projects and as
toubleshooter by network
or security incidents.