Explore the vulnerabilities and security implications of Cisco NX-OS in this conference talk from TROOPERS11. Delve into the underlying Linux system, hidden strings, and command line interfaces of Cisco NXOS boxes. Examine potential risks, including pseudoers, CDP exploits, and memory allocation issues. Learn about debugging techniques using GDB, analyze core dumps, and understand the implications of gut mode. Discover ancient artifacts within the system and investigate the backtick bug. Gain insights into Cisco's bug tracking process and shell scripting capabilities to better secure data centers running on Cisco NX-OS.
Overview
Syllabus
Introduction
What is an NXOS
Cisco NXOS boxes
Cisco vulnerabilities
Cisco 7000
Linux
Underlying Linux
Command line interfaces
Hidden strings
GDB
What could go wrong
Pseudoers
Is it fixable
CDP
Core dumps
Memory allocation
Other funny thought
Gut mode
Ancient stuff
Cisco NXOS
Backtick
Bug tracking
Shell
Script
Taught by
WEareTROOPERS
