Cisco Finds Critical Vulnerability In WikiLeaks Docs

[Guest]

But the security flaw wasn't included in the problems highlighted by WikiLeaks--Cisco's security team discovered the problem themselves while digging through the "Vault 7" document trove.

Cisco Finds Critical Vulnerability In WikiLeaks Docs : Read more

 

[Murissokah]

I'm not sure if I got this right, but did they just make public through mainstream media a security flaw for which they have no fix?

 

[WFang]

Well, the information was public already, so them not finding and admitting to it could well be considered neglect by investors and customers. Keep in mind, anyone (with the proper resources and background) could have combed the same document leak and come up with the same approach.

If anything, their public confirmation is a smart move both towards existing customers (notifying them about a known flaw) and towards investors. Both are at this point some degree of damage control.

(Removed one word for clarity.)

 

[TheViper]

Shouldn't be using telnet anyway. SSH only unless your IOS release does not support encryption...then you have bigger problems to start with.

 

[eriko]

@ TheViper

And SSH VERSION 2 at that.

I was battling Chinese hackers I couldn't keep out of my infrastructure for weeeeeeeks.

I did not notice that I was on SSH v1, which is known to be compromised.

So I generated new crypto keys, and set SSH v2, and that was that, they have not been in since. I also added an ACL entries for about 100 IPs that were involved in it too, all one by one, dog dammit, and a simple VTY-allowed list for me.

I see them denied in my logs every few mins or so. Less and less often too. Seems they are close to giving up.

I never once heard back from a single Chinese ISP regarding these attacks.

 

[Braindead154]

If your still using Telnet, you've got bigger problems than this vulnerability.