| New User, Welcome! Login |
network administrators
http://mcpmag.com/columns/article.asp?EditorialsID=1369
____________________________
Matt Ausmus
Network Administrator
Chapman University
635 West Palm Street
Orange, CA 92868
(714)628-2738
mausmus@chapman.edu
>> about information security technique and their participation and sharing of
>> the conference.
>>
>> Attenders
>> Anyone who loves information security, including information security
>> experts and fans, network administrators, network security consultants, CIO,
>> hacker technique fans, etc.
>>
>> Location : Beijing Jintai Hotel http://www.bjjintaihotel.com/
>>
>> Topics include (but not limited to):
Tcl (Tool Command Language) is a scripting language used extensively in
embedded systems, which is easy to use and has some powerful features.
The language has been supported by Cisco IOS for some time now and is
used, for example, in IOS IVR configuration as well as for automating
mundane tasks regularly performed by network administrators. This short
technical briefing describes a technique using Tcl to create a backdoor
within IOS that would allow a remote attacker to execute privileged
commands on a networking device. The document (which includes a
proof-of-concept Tcl script) can be downloaded here:
> about information security technique and their participation and sharing of
> the conference.
>
> Attenders
> Anyone who loves information security, including information security
> experts and fans, network administrators, network security consultants, CIO,
> hacker technique fans, etc.
>
> Location : Beijing Jintai Hotel http://www.bjjintaihotel.com/
>
> Topics include (but not limited to):
allows hosts on a TCP/IP network to request and be assigned IP addresses,
and also to discover information about the network to which they are
attached. BOOTP provides similar functionality, with certain restrictions.
The DHCP protocol allows a host which is unknown to the network
administrator to be automatically assigned a new IP address out of a pool
of IP addresses for its network. In order for this to work, the network
administrator allocates address pools in each subnet and enters them into
the dhcpd’s configuration file. OpenBSD’s implementation of the DHCP
server is based on an early version of ISC’s dhcpd that the OpenBSD
project further developed to incorporate additional security features such
Details
=======
The Cisco NAC (formerly Cisco Clean Access) solution allows network
administrators to authenticate, authorize, evaluate, and remediate
wired, wireless, and remote users and their machines prior to
allowing users onto the network. The solution identifies whether
machines are compliant with security policies and repairs
vulnerabilities before permitting access to the network. You can use
the NAC Manager server and its web-based administration console to
optional integration with Microsoft Exchange ActiveSync(r), SMTP, POP, IMAP, LDAP, and List Server, IMail
users can send and receive email using any standards-based client, including Microsoft Outlook(r),
Outlook Express(r), or Eudora(r). Or, users can access email from anywhere via IMail's customizable Web
messaging, available in eight languages.
Designed to place minimal ongoing maintenance burden on network administrators, IMail can authenticate
users from its own database, an active directory database, or from any ODBC-compliant data store, making
life easier for the busy administrator. IMail Server also delivers a quick and easy installation or upgrade
process."
0x02 : Vulnerability Details
IRM Research wrote:
> Tcl (Tool Command Language) is a scripting language used extensively in
> embedded systems, which is easy to use and has some powerful features.
> The language has been supported by Cisco IOS for some time now and is
> used, for example, in IOS IVR configuration as well as for automating
> mundane tasks regularly performed by network administrators. This short
> technical briefing describes a technique using Tcl to create a backdoor
> within IOS that would allow a remote attacker to execute privileged
> commands on a networking device. The document (which includes a
> proof-of-concept Tcl script) can be downloaded here:
>
ASR 9000 Aggregation Services Routers.
Workarounds
===========
There are no workarounds for this vulnerability. Network administrators
are advised to apply mitigation techniques to help limit exposure to the
vulnerability. Mitigation techniques consist of allowing only legitimate
devices to connect to the routers.
These access restrictions can be accomplished by using interface
between SCP and RCP is that in SCP, all aspects of the file transfer
session, including authentication, occur in encrypted form, which
makes SCP a more secure alternative than RCP. SCP relies on the
Secure Shell (SSH) protocol, which uses TCP port 22 by default.
The Role-Based CLI Access feature allows the network administrator to
define "views". Views are sets of operational commands and
configuration capabilities that provide selective or partial access
to Cisco IOS software EXEC and configuration (Config) mode commands.
Views restrict user access to Cisco IOS command-line interface (CLI)
and configuration information; that is, a view can define what
tested against: Microsoft Windows Server 2003 r2 sp2
Description:
"DeviceExpert is a web–based, multi vendor network change, configuration and
compliance management (NCCCM) solution for switches, routers, firewalls and
other network devices. Trusted by thousands of network administrators
around the world, DeviceExpert helps automate and take total control
of the entire life cycle of device configuration management."
[..]
Background:
known to be affected by this vulnerability.
Details
=======
The Cisco NAC Appliance solution allows network administrators to
authenticate, authorize, evaluate, and remediate wired, wireless,
and remote users and their machines prior to allowing users onto the
network. The solution identifies whether machines are compliant with
security policies and repairs vulnerabilities before permitting access
to the network.
|
|
|
