Posted on 07/17/2003 6:34:36 AM PDT by zeugma
CERT has issued an alert indicating that a major flaw has been found in just about all Cisco routers. This bug will allow someone to make a router hang so that it won't accept any more packets, and cause it to need to be rebooted. The upshot of which is, internet connectivity in many places may be spotty for the next few days as these routers are patched. Worse case senerio is that someone has a variant of one of the many microsoft windows worms that can exploit this bug. This could bring large portions of the net grinding to a halt. Personally, I don't think this is likely, but merely possible in theory.
There are indications that (contrary to the CERT advisory) there are some folks out there exploiting this. Cisco has a fix and it is being distributed to folks across the world. The problem is, Cisco switches(also affected) and routers pretty much run the entire internet. It will take some time for all the routers to be patched. I expect to see the patching to start at the core and propagate out to the edge.
None. However, the low-hanging fruit of the various easily explotable bugs in all microsoft software provide a ready mechanism to attack other systems. Besides, I never pass up an opporunity to bash microsoft.
I disagree. This is a variant of the "everyone does it" strategy that liberals use to get people to excuse deviancy.
Both Linux and the Darwin kernel underneath Mac OSX are open source. You can download them, check the actual code that handles buffers or security, and hack away at them to your heart's content. With respect to Linux, it powers enough high-profile sites that there are certainly incentives to try to hack it. Microsoft's Jim Allchin, on the other hand, testified at a federal court that Windows code cannot be safely released because it will reveal known bugs.
Yes, Microsoft is getting better. But it's popularity isn't the reason why it has a reputation for being a security problem. The fact that it's been at the heart of so many security problems is.
Roadrunner is dog slow today.
I own no Cisco gear at all, and I'm glad.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.