I recently had a CCIE (there was a time that impressed me) in the office from Cisco trying to convince me to purchase a Cisco Intrusion Prevention System. You know, there was a time that I really liked the Cisco IDS system. That was back before it was called NetRanger, in the early days of the Wheel Group. Sadly, not a lot had changed in the IDS system when I had another look at it a couple of years ago. During a bakeoff I tested this system, and when I looked under the hood I was stunned to see a lot of the very same scripts.

Now the IPS solution is something else altogether. Based on Cisco’s security track record in recent memory, I’m hard-pressed to take them seriously. Now, to add some punch to my decision not to go with the Cisco solution, there is a vulnerability.

Cisco Intrusion Prevention System (IPS) software version 5.1 is vulnerable to a denial of service condition caused by a malformed packet, which may result in an IPS device becoming inaccessible remotely or via the console and fail to process packets. A power reset is required to recover the IPS device. There are no workarounds for this vulnerability.

And to add insult to injury, there is a vulnerability in the Cisco router web setup as well.

Article Link
