'Exploiter' hack program targets Cisco networks


'Exploiter' hack program targets Cisco networks

Cliff Saran
Cisco has issued an urgent warning to users to update their network software following the release of a hacking program designed to attack nine known serious vulnerabilities in Cisco products.

The program, Cisco Global Exploiter, targets vulnerabilities in the Cisco Internetwork Operating System (IOS) and Catalyst products.

Reports suggested that the code, published on a website based in Italy, appears to give hackers a menu of choices, depending on the system they are trying to break into.

Cisco said that because IOS is widely deployed, "it is a focus for exploitative efforts by certain underground communities".

Graham Titterington, principal analyst at Ovum, warned users that, "Networks are so large that there will inevitably be holes." He advised firms to protect assets such as servers, desktops and personal digital assistants, rather than rely solely on perimeter-based security such as firewalls.

Phil Cracknell, chief technology officer at supplier netSurity, said, "Cisco has a lot of problems with users not being up-to-date with IOS." Organisations often forget the router when updating IT security, he said.

"When I conduct penetration testing, the router always comes up as an area to fix," Cracknell added. Part of the problem is poor router configuration, particularly in terms of access control lists (ACLs) that control which IP ports are open to network traffic.

"Users are not implementing ACLs [in the router configuration]," he said. According to Cracknell, an ACL could avoid attacks on ports 137/8/9, which have been under pressure recently. He said firewalls were far more effective if users filtered network traffic at the router first.

Mike Caudill, customer support engineer at Cisco Systems, said users should not panic. "Cisco focuses its efforts on helping to inform and protect its customers and has established processes and mechanisms to communicate with them on these sorts of issues."

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy