[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Synful Knock questions...

Subject: Synful Knock questions...
From: eric-list at truenet.com (eric-list at truenet.com)
Date: Tue, 15 Sep 2015 14:15:48 -0400

I'm sure most have already seen the CVE from Cisco, and I was just reading
through the documentation from FireEye:
https://www.fireeye.com/blog/threat-research/2015/09/synful_knock_-_acis.htm
l

Question is that it looks to me like they are over-writing the ospf response
for "show ip ospf timers lsa-group"?
And if that's the case I'm guessing the router would need to have ospf
enabled to be able to see the response?


Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
F: 610-429-3222

Follow-Ups:
- Synful Knock questions...
  - From: Michael.Douglas at IEEE.org (Michael Douglas)
- Synful Knock questions...
  - From: jake.mertel at ubiquityhosting.com (Jake Mertel)

Prev by Date: SMS Gateway
Next by Date: Synful Knock questions...
Previous by thread: Frontier flaps -12:15?
Next by thread: Synful Knock questions...
Index(es):
- Date
- Thread