On Sat, 17 May 2008, Felix 'FX' Lindner wrote:
But I don't see a reason for panic and Cisco is at least partially right with their response ( http://www.cisco.com/en/US/products/products_security_response09186a00809977... ) to the whole issue: someone still needs a privilege level 15 VTY on your router and no matter what press is currently making of the rootkit, this prerequisite step is non-trivial (or should be, depending on your configuration).
On this rootkit and IOS security and how it works FX's word is of the most qualified.
cheers FX
-- Recurity Labs GmbH | Felix 'FX' Lindner http://www.recurity-labs.com | fx@recurity-labs.com Wrangelstrasse 4 | Fon: +49 30 69539993-0 10997 Berlin | PGP: A740 DE51 9891 19DF 0D05 Germany | 13B3 1759 C388 C92D 6BBB HRB 105213 B, Amtsgericht Charlottenburg, GF Felix Lindner