http://www.gcn.com/Articles/2009/09/25/Cisco-denial-of-service-worries.aspx By Joab Jackson GCN.com Sept 25, 2009 Abandon all hope, ye who get stung by a denial-of-service attacks. Well, almost all hope. If the latest semiannual round of security advisories from Cisco are any indication, DOS attacks continue to be a serious -- and largely unsolvable -- problem for networks. Earlier this week, Cisco issued nine advisories for its Internetwork Operating System (IOS), the operating system software for most of the company's routers and switches. The company also issued two advisories for its Cisco Unified Communications Manager. The advisories came about as part of the company's routine half-year patching cycle. In total, the 11 advisories cover 12 potential vulnerabilities. Of the vulnerabilities Cisco issued, eight address vulnerabilities that could have left customers open to denial-of-service attacks. In a DOS attack, an attacker will flood a server or piece of networking equipment with packets requesting a service of one sort or another. A distributed denial of service (DDOS) consists of a flood of phony requests sent from multiple computers, both as a way to avoid detection and to increase the severity of the attack. According to the advisories, attackers could down a Cisco router or switch via a DOS attack by flooding them with H.323 multimedia protocol-based packets, with Network Time Protocol packets, with Session Initiation Protocol packets, or packets carrying requests in a number of other protocols. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Sun Sep 27 2009 - 22:09:18 PDT
This archive was generated by hypermail 2.2.0 : Sun Sep 27 2009 - 22:22:51 PDT