Er, has anyone told the researchers about tcpdump, which is part of many *nix systems? That can slurp data and write it to disc.
Troubleshooting feature on Cisco routers is open to data-slurp abuse
A default feature of Cisco routers can readily be abused to collect data, security researchers warn. Embedded Packet Capture (EPC) was designed by Cisco as a troubleshooting and tracing tool. The feature allows network administrators to capture data packets flowing through a Cisco router. Brazilian security researchers …
COMMENTS
-
-
-
Wednesday 15th April 2015 12:04 GMT DNTP
Re: tips and icebergs
I just noticed that when I use my computer to delete a file on the server, it can't be accessed any more from ANY computer ANYWHERE, which is super good security.
Then all these people who work in offices near me start screaming things like "where is the inventory spreadsheet".
-
-
-
-
Wednesday 15th April 2015 13:28 GMT Spud
Re: omg
They've discovered a new "feature" not a "flaw" and got all worried about it. Next they'll expand their research and discover that Checkpoint firewalls have tcpdump and that "feature" is a major security risk we should all panic about. Oh wait .... BigIP also has that feature .... and apache webservers ... and omg even my windows machine has this thing called wireshark. We should just switch off the lights and go home. The networks are insecure and we're all doomed.
-
-