Cisco IOS vulnerability reproduction XR New Architecture IOS escaped

Recently, Cisco issued a vulnerability notification for some specific IOs (Internetwork Operating System) versions of switches, that is, Cisco found that for a specific version of IOS, when users start FTP or telnet, as long as the authentication action is used together, Remote Data Buffer Overflow may occur. Therefore, we recommend that you update the IOS software version, or, when FTP and telnet are disabled, Authentication Settings are enabled synchronously, which can also prevent the occurrence of this network vulnerability. However, if the user initiates Authentication through HTTP or HTTPS, no problem will occur.

In fact, the occurrence of network security vulnerabilities in IOS has long been an unexpected problem, because Cisco has many IOS functions and is integrated with network-related connections, to be honest, it is quite difficult. Because IOS mainly uses L2/L3 switches as the main application market, and most of these architectures are based on the company's internal basic network, unless a specific person in the company deliberately targets existing network devices, otherwise, it is unlikely that enterprises will host their basic network architecture due to iOS vulnerabilities.

Even if the firewall has become a basic device in the enterprise network, the public network can be effectively separated from the internal network through the firewall. However, network attacks are becoming more and more diversified, and even virus or spyware is available, attackers can exploit browser vulnerabilities to intraday computer viruses or even launch attacks within the company. Therefore, many IDP and IPS vendors have proposed to enable IDP and IPs to protect the security of IOS network devices in enterprises. In addition to effectively preventing problems that may arise from IOS vulnerabilities, it can also increase defense capabilities for Enterprise Security.

However, this IOS network vulnerability does not cause problems in the new ios xr architecture. It is understood that the IOS version of XR has tried to prevent possible Network Vulnerabilities in advance. In addition to effectively ensuring the functions of XR, it can also increase the security of network operations, therefore, some business personnel said that after Cisco announced the release of the ios xr product, because XR can effectively improve the security of existing IOS products, therefore, many customers purchase the product in advance before its official launch, hoping to use the XR version to enhance the network security of the enterprise. ArticleInput: CSH responsible editor: CSH