A secure environment mitigates this risk
In order to deploy these rootkits, someone needs device access. Imagine that you're using two-factor authentication to log in, and logging all commands entered to a hardened, unmodifiable syslog server. If someone attempts to install the rootkit, there will at least be an audit trail that can be used against them (assuming they weren't smart enough to block the system log messages that indicated it was installed).
Once there is more information, it should be easy to identify measures to mitigate this risk.
A scary scenario would be a remote code vulnerability that allowed for a remote rootkit install. This would allow a worm to be created. The only thing you can do here is make sure you keep up on vulnerabilities and firmware releases, and hope Cisco writes better code ;)