Owning the data center using Cisco NX-OS

March 31, 2011 (at 10:30 a.m.) in Attack & Research

Banks and large corporations are constantly upgrading their infrastructure. One of the latest additions to the Cisco family is the 7000-series with its new and “secure” NX-OS. This switch can easily take the role of the sole core switch in some of the largest network infrastructures in the world. It manages a large number of network interfaces and is the new virtualization platform within networking.

Its new Linux-based operating system enables old attack vectors, such as network-based denial-of-service attacks, to become remotely exploited buffer overflows. Deployment of generic rootkits is also possible by breaking out of the Cisco CLI environment using a series of undocumented features.

What would the impact for a large bank or corporation be if the core switch was infected by backdoors that took control over all VLANs?

George Hedfors

George Hedfors has been working for 12 years as a professional in the field and brings a lot of experience with IT and information security. He has worked with well-known security consultancies and is recently employed at Cybercom Sweden AB. Read his blog at http://george.hedfors.com/blog/ or follow him on Twitter as @georgehedfors (https://twitter.com/#!/georgehedfors).