TFTP is the devil's handmaiden. Heck, it makes FTP look secure. Check out: http://spaces.msn.com/members/drisa/Blog/cns!1p9yz6owxXl-uIlyqIZXkCrg!29 3.entry Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Dogers [mailto:dogers@xxxxxxxxx] Sent: Thursday, November 03, 2005 10:53 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Uh oh - more Cisco problems http://www.ISAserver.org But they are! It's HARDware! Grrr, hard things! Solid as a rock, matey! ;) The problem isn't just that they don't update, it's that you need magic pixie powder to update Cisco stuff. Or rather, someone who knows Cisco stuff and (more importantly!) how to navigate their website! IIRC you have to download chunks of the firmware/OS and upload them bit by bit over TFTP. It's madness! Andrew On 03/11/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote: http://www.ISAserver.org Hi Andrew, But the problem goes even deeper than that. Because "hardware" firewall guys think their devices are immune from disease (unlike the TB ridden carcasses of Windows devices), they never update their devices, and Syphco feeds into that mindset by not providing an automated approach to updating their devices. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Dogers [mailto:dogers@xxxxxxxxx] Sent: Thursday, November 03, 2005 10:26 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Uh oh - more Cisco problems http://www.ISAserver.org On 03/11/05, Paul Nuernberger < pen@xxxxxxxxxxxxxxxx <mailto:pen@xxxxxxxxxxxxxxxx> > wrote: http://www.ISAserver.org Check it out. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1 140183,00.html?track=NL-102&ad=533036 A Windows bot that looks for badly set up Cisco devices.. Nice :) They've also only *just* fixed the flaw in their devices that was made known at the black hat conference earlier this year, if you can remember that far back. Andrew ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: dogers@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx