Abstract
Cisco Systems’ routers running Cisco IOS are still the prevalent routing platform on the Internet and
corporate networks. Their huge population, architectural deficiencies and hugely diverse version
distribution make them a valuable target that gains importance as common operating system platforms
are closed down and secured.
This paper takes the position that the currently used, well-accepted practices for monitoring,
debugging and post-mortem crash analysis are insufficient to deal with the threat of compromised IOS
devices. It sets forth a different method that reduces the requirement for constant logging, favoring
on-demand in-depth analysis in case of suspicion or actual device crashes. The paper concludes by
presenting the current state in the development of software supporting the proposed method and
requesting feedback from the community on the software’s future directions.