Owning the Data Centre Using Cisco NX-OS Based Switches, presented at Black Hat Europe 2011

by George Hedfors (Cybercom Sweden East AB)

Tags: Security

Summary: Banks and large corporations are constantly upgrading their infrastructure. One of the latest additions to the Cisco family is the 7000-series with its new and "secure" Linux-based NX-OS. This switch can easily take the role of the sole core switch in some of the largest network infrastructures in the world. It manages up to 512 x 10 gigabit interfaces and is a new virtualization platform within networking. Unfortunately, its new operating system also exposes old attacks, previously classified as network-based denial of service, as remotely exploitable buffer overflows. Deployment of generic rootkits is also possible by breaking out of the Cisco CLI environment using a series of undocumented features. What would the impact be for a large bank or corporation if the core switch were infected with backdoors that gave an attacker control over all VLANs?