DeepNines’ vision of routers as targets could already be coming true. On Jan. 19, Cisco Systems announced new vulnerabilities for the Internetwork Operating Software (IOS) that runs its routers for Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST). According to information from Cisco, “A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS).”
“Where there’s smoke, there’s fire – meaning these won’t be the last router vulnerabilities we hear about this year,” Jackson said. “Cisco’s greatest asset, its large market share, could become one of its most glaring weaknesses. Just as Microsoft’s market share makes it a target for attackers, so, too, Cisco could begin to suffer attacks more regularly. The real problem is that there has been virtually no protection for routers – until now. Our DeepNines Security Edge Platform™ sits invisibly in front of the router, monitors all traffic coming in and out and stops or traps the bad traffic before it’s able to harm the network.”
The DeepNines Security Edge Platform, which is placed in front of the router, would be able to ensure that all packets coming into and out of the network are inspected for malformation or malicious behavior. The platform’s behavior monitors also could determine if there was an increase of traffic to vulnerable ports and further inspect that traffic for malicious intent.
Cisco advisory document No. 63708 says that “affected devices that must run ITS, CME or SRST are vulnerable, and there are not any specific configurations that can be used to protect them … and putting firewalls in strategic locations may greatly reduce exposure until an upgrade can be performed.” See: http://www.cisco.com/warp/public/707/
“We wonder exactly how a company is supposed to put a firewall in front of its router if it is on a DS3 or a T1,” Jackson said. “The DeepNines Security Edge Platform extends out in front of the router to provide the same layers of protection that otherwise are offered only behind firewalls, where, in some cases, it’s too late if bad traffic has made its way that far inside.”
About Deep Nines, Inc.
DeepNines offers a scalable security platform for Global 2000 companies with a vertical market focus in education, government, telecommunications, energy and financial services. The DeepNines Security Edge Platform™ integrates intelligent firewall, intrusion prevention, best-of-breed secure content management, forensics and reporting. It operates outside the network infrastructure, improving organizations’ security “deep into the nines.” DeepNines’ Security Edge Platform, the company’s patent-pending security system, is a fully automated signature and behavior-based intrusion prevention and traffic management system preventing known and unknown attacks from entering an organization’s network. The Security Edge Platform runs on Solaris and Linux platforms from Sun Microsystems. To learn more about Deep Nines visit www.deepnines.com.
©2005 Deep Nines, Inc., all rights reserved. DeepNines Technologies, Security Edge Platform, Security Edge System, Sleuth9 Security System, Sleuth9, ForensiX Capture System, Holistic Management Console, and Zero Footprint Technology are trademarks and/or registered trademarks of Deep Nines Inc. All other brands and products are trademarks and/or registered trademarks of their respective owners.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.