3. Misconceptions and Realities about Cisco IOS

Lynn pointed out several misconceptions about Cisco IOS and then talked about the realites. As discussed earlier, many people think that routers and switches are mainly hardware, but in reality, the software is the most important piece.

Routers have the reputation of being very stable and secure devices, but according to Lynn, routers are vulnerable to buffer overflows and can crash just like any other computer.

Misconceptions about IOS Slide

Higher level router features are based on low level functions. Any fixes to these low level functions must be cataloged and then tested under many conditions to determine that the fix actually works and doesn't affect the stability of the router. As a result, these low-level functions aren't often changed because they are so difficult and time consuming to fix.

As a result, Lynn's attack should work against most versions of IOS, because the low-level functions tend to remain the same. So a hacker must figure out by trial and error where the buffer overflows occur, and how to trigger the vulnerabilities. This is tedious, but hardly impossible - it's the same technique used for all buffer overflow attacks, on Windows and Linux and Solaris as well as (now) on IOS.

The realites of Cisco IOS Slide