Sign in / up

back to article Cisco tool IDs malware in the firmware

Cisco's moved on the “SYNful knock” vulnerability with a free tool letting admins test their routers for fudged firmware. The vulnerability emerged in August, when The Borg warned that its ROMMON firmware had been reverse-engineered. That meant a privileged user could flash routers with compromised versions. Within a month, …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Joke

    So detection on Five Eyes variants is right out then?

    1 0 Reply
  2. Ragarath

    Can't they have a tool that detects all firmware bugs quite easily?

    Surely this is just a case of checking a hash code or something for that firmware version and that it should match the version in Cisco's database or tool?

    0 0 Reply
    1. Tom Chiverton 1
      Reply Icon

      Hoe do you get the hash off the (compromised) device ? You can't trust anything it runs.

      0 0 Reply
      1. Ragarath
        Reply Icon

        If you already don't trust it and you already know it's compromised and don't need the tool.

        0 1 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like