While these types of attacks still represent the majority of attacks on network devices, attackers are now looking for ways to subvert the normal behavior of infrastructure devices due to the devices' privileged position within the IT infrastructure. In the past, attackers were primarily targeting infrastructure devices to create a denial of service (DoS) situation. Note: This document applies only to Cisco IOS Software and to no other Cisco operating systems. Additionally, the document presents common best practices that can help protect against attempts to modify hardware or inject malicious software (also referred to as malware) in a Cisco IOS device. This document analyzes methods that may be used to compromise Cisco devices, including the injection of malicious software in Cisco IOS Software, and describes ways to verify that the software on a Cisco router, both in device storage and in running memory, has not been modified. Use Centralized and Comprehensive Logging Use TACACS+ Authorization to Restrict Commands Use Authentication, Authorization, and Accounting Leverage the Latest Cisco IOS Security Protection Features Verify MD5 Validation Feature for the Text RegionĬisco IOS Address Space Layout Randomization ConsiderationsĬhecking That Cisco IOS Software Call Stacks Are Within the Text Section BoundariesĬhecking Command History in the Cisco IOS Core Dump Verifying Authenticity for Digitally Signed ImagesĬisco IOS Run-Time Memory Integrity Verification Using the Message Digest 5 File Validation Feature
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |