'Exploiter' hack program targets Cisco networks

Cisco has issued an urgent warning to users to update their network software following the release of a hacking program designed...

Cisco has issued an urgent warning to users to update their network software following the release of a hacking program designed to attack nine known serious vulnerabilities in Cisco products.

The program, Cisco Global Exploiter, targets vulnerabilities in the Cisco Internetwork Operating System (IOS) and Catalyst products.

Reports suggested that the code, published on a website based in Italy, appears to give hackers a menu of choices, depending on the system they are trying to break into.

Cisco said that because IOS is widely deployed, "it is a focus for exploitative efforts by certain underground communities".

Graham Titterington, principal analyst at Ovum, warned users that, "Networks are so large that there will inevitably be holes." He advised firms to protect assets such as servers, desktops and personal digital assistants, rather than rely solely on perimeter-based security such as firewalls.

Phil Cracknell, chief technology officer at supplier netSurity, said, "Cisco has a lot of problems with users not being up-to-date with IOS." Organisations often forget the router when updating IT security, he said.

"When I conduct penetration testing, the router always comes up as an area to fix," Cracknell added. Part of the problem is poor router configuration, particularly in terms of access control lists (ACLs) that control which IP ports are open to network traffic.

"Users are not implementing ACLs [in the router configuration]," he said. According to Cracknell, an ACL could avoid attacks on ports 137/8/9, which have been under pressure recently. He said firewalls were far more effective if users filtered network traffic at the router first.

Mike Caudill, customer support engineer at Cisco Systems, said users should not panic. "Cisco focuses its efforts on helping to inform and protect its customers and has established processes and mechanisms to communicate with them on these sorts of issues."

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...