It turns out that Cisco has other pretty good commands that are used for the right purposes and that makes them the routers and switches we have all grown to love. But used in the wrong way, they could take a large network down for months. So here is how it goes.
Authors note: I do not recommend anyone trying this if you are mad at your company or just want to mess around. After my coworkers and I talked about it we all figured your going to do some jail time if you do this.
The Cisco platform has a flash based memory system that only allows you so much space, so let say you have a 32mb flash card with an IOS image of 20mb on it. You want to do an upgrade so you delete whatever image was on the flash to make room for your new upload. At this point you don't have a flash image on the box, if you reload the router it will come up into a boot prompt but unless you have out of band access that still means a trip out to each of the routers. To add to this mess, if you really want to be bad, write erase the configuration on the router so if someone is going to drive out with a new flash card to boot the router there is no configuration on it to let it run. The engineer who is on site will have to have a backed up configuration on their laptop or a TFTP server to pull one off of. The other thing is if your company has built in a band management system modems or a Cisco terminal server you can do two things on the terminal server: you can treat it like the router, delete the flash and issue it a reload. If it's a modem or a workstation than before you reload the router be sure you go into the config register and change the baud rate and stop bits on the console and aux ports. Now with the config register changed the box is pretty much toast. On a large network if you did this to 20 or 30 routers the network might be down for a week. But if you script out the attack to hit say 100 or more routers the network is going to be down for months.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.