Embed Size (px)
Citation preview
Using BackTrack to Discover Cisco VulnerabilitiesBrian Compton
College of Technology – University of Houston
Using BackTrack to Discover Cisco VulnerabilitiesBrian Compton
College of Technology – University of Houston
Problem StatementCisco is the de facto standard for networking equipment.
Like any piece of technology that relies upon software, Cisco hardware is subject to vulnerabilities and must be patched.
Problem StatementCisco is the de facto standard for networking equipment.
Like any piece of technology that relies upon software, Cisco hardware is subject to vulnerabilities and must be patched.
Live CD: A Simple Cost Effective SolutionLive CD’s are important tools in system security. Because a Live CD does not use resident data on a target computer to operate, a security professional can boot a computer without worrying about compromised hard drives. Security professionals are able to customize the tools contained within a Live CD. Because of this, powerful, customized toolboxes can be created for security staff. The ability to have any number of software tools contained on a single cd, with the power to boot any standard pc can be a vital ability when the need to troubleshoot possible security issues arises. Live CD’s are base on the Linux operating system. Because Linux is open source, Live CD distributions can be easily obtained at no cost other than the price of the CD media.
BackTrack 3 is up to the task.Backtrack3 from remote-exploit.org is a feature packed bootable Linux distribution Intended for system security applications. Backtrack is popular within the Linuxcommunity, thereby ensuring wide support and future updates. This Live CD contains Over 300 security tools that emphasize network penetration testing and vulnerability discovery. Backtrack contains an impressive set of twelve Cisco specific tools.
Live CD: A Simple Cost Effective SolutionLive CD’s are important tools in system security. Because a Live CD does not use resident data on a target computer to operate, a security professional can boot a computer without worrying about compromised hard drives. Security professionals are able to customize the tools contained within a Live CD. Because of this, powerful, customized toolboxes can be created for security staff. The ability to have any number of software tools contained on a single cd, with the power to boot any standard pc can be a vital ability when the need to troubleshoot possible security issues arises. Live CD’s are base on the Linux operating system. Because Linux is open source, Live CD distributions can be easily obtained at no cost other than the price of the CD media.
BackTrack 3 is up to the task.Backtrack3 from remote-exploit.org is a feature packed bootable Linux distribution Intended for system security applications. Backtrack is popular within the Linuxcommunity, thereby ensuring wide support and future updates. This Live CD contains Over 300 security tools that emphasize network penetration testing and vulnerability discovery. Backtrack contains an impressive set of twelve Cisco specific tools.
ConclusionVulnerabilities that exist in the basic fabric of a network
must be addressed. While there are expensive tools that can be used to maintain Cisco equipment, these software applications may not be owned by smaller companies. The NIST SP800-30 risk management document stipulates that a best practice in the Technical Controls guidelines should include the ability to Prevent security incidents. The Cisco suite of tools included on the BackTrack Live CD can be used to address this technical control. By identifying and locating Cisco vulnerabilities, security professionals can Prevent incidents by addressing those vulnerabilities and mitigating a known risk.
ConclusionVulnerabilities that exist in the basic fabric of a network
must be addressed. While there are expensive tools that can be used to maintain Cisco equipment, these software applications may not be owned by smaller companies. The NIST SP800-30 risk management document stipulates that a best practice in the Technical Controls guidelines should include the ability to Prevent security incidents. The Cisco suite of tools included on the BackTrack Live CD can be used to address this technical control. By identifying and locating Cisco vulnerabilities, security professionals can Prevent incidents by addressing those vulnerabilities and mitigating a known risk.
ReferencesCisco IOS multiple vulnerabilities. (2008). Secunia. 3-27-2008. http://secunia.com/advisories/29507/Cisco squashes big bad router bug. SearchSecurity. 9-29-2008. http://searchsecurity.techtarget.com.au/articles/27106Espiner, T. Cisco patches Wi-Fi vulnerabilities. CNET. http://News.cnet.com/cisco-patches-wi-fi-vulnerabilities/2100-1002_3-6175847.htmlLeyden, J. (2008). Cisco’s dirty dozen fight IOS flaws. The Register. 9-25-2008. http://www.channelregister.co.uk/2008/09/25/cisco_batch_patchOu, G. (2007). Think ‘Patch Tuesday’ is just for Microsoft? Think again! ZDNET. 2-16-2007. http://blogs.zdnet.com/Ou/?p=427Specter, D H M. Linux Auditing Live CDs. TechRepublic. 7-17-2006. http://content.techrepublic.com.com/2346-10878_11-1491-1.html
http://vulnerabilityassessment.co.ukhttp://sans.orghttp://www.sourceforge.nethttp://www.derkeiler.comhttp://www.remoteexploit.org
ReferencesCisco IOS multiple vulnerabilities. (2008). Secunia. 3-27-2008. http://secunia.com/advisories/29507/Cisco squashes big bad router bug. SearchSecurity. 9-29-2008. http://searchsecurity.techtarget.com.au/articles/27106Espiner, T. Cisco patches Wi-Fi vulnerabilities. CNET. http://News.cnet.com/cisco-patches-wi-fi-vulnerabilities/2100-1002_3-6175847.htmlLeyden, J. (2008). Cisco’s dirty dozen fight IOS flaws. The Register. 9-25-2008. http://www.channelregister.co.uk/2008/09/25/cisco_batch_patchOu, G. (2007). Think ‘Patch Tuesday’ is just for Microsoft? Think again! ZDNET. 2-16-2007. http://blogs.zdnet.com/Ou/?p=427Specter, D H M. Linux Auditing Live CDs. TechRepublic. 7-17-2006. http://content.techrepublic.com.com/2346-10878_11-1491-1.html
http://vulnerabilityassessment.co.ukhttp://sans.orghttp://www.sourceforge.nethttp://www.derkeiler.comhttp://www.remoteexploit.org
Backtrack’s Tools Work
The Cisco tools included on the Backtrack distribution are proven to be able to help identify and locate specific vulnerabilities. While these tools are not used to patch the Cisco equipment in question, they can be used to query and test specific devices to ascertain version levels and vulnerable settings.
Backtrack’s Tools Work
The Cisco tools included on the Backtrack distribution are proven to be able to help identify and locate specific vulnerabilities. While these tools are not used to patch the Cisco equipment in question, they can be used to query and test specific devices to ascertain version levels and vulnerable settings.
Why is this an issue?
Microsoft is the most famous tech company when it comes to patching their product. Cisco, despite their quality reputation, must patch their products as well. Unlike Microsoft, Cisco products are not as easy or automated in the patching process. Managing Cisco equipment can be costly and cumbersome.
Just a few Cisco vulnerability headlines:
Cisco’s dirty dozen fight IOS flaws.
Cisco IOS multiple vulnerabilities
Cisco squashes big bad router bug.
Why is this an issue?
Microsoft is the most famous tech company when it comes to patching their product. Cisco, despite their quality reputation, must patch their products as well. Unlike Microsoft, Cisco products are not as easy or automated in the patching process. Managing Cisco equipment can be costly and cumbersome.
Just a few Cisco vulnerability headlines:
Cisco’s dirty dozen fight IOS flaws.
Cisco IOS multiple vulnerabilities
Cisco squashes big bad router bug.
Rank List Site#1 10 Best Security Live CD Distros www.darknet.org.uk#1 Top 10 Security Live CD www.lonerunners.net#1 Top 5 Security Oriented Operating Systems www.insecure.org#4 Primary Function: Security www.livecdlist.com#40 Page Hit Rankings, All Categories Distrowatch.com
BackTrack desktop in action.
Audit tool scans multiple devices for vulnerabilities.
