Cisco Smart Install 설정

​취약점을 이용한 공격 툴 링크

https://github.com/Sab0tag3d/SIET  

< 조치 방법 >
1) 시스코 Smart Install을 사용하는 경우 시스코 장비 최신 버전으로 업데이트 
2) 시스코 Smart Install을 사용하지 않는 경우 no vstack 명령어를 사용하여 기능 비활성화 
3) 외부에서 TCP 포트(4786)를 사용하지 않는 경우 해당 포트 비활성화 

 

ㅇ KISA 공지
    https://www.krcert.or.kr/data/secNoticeView.do?bulletin_writing_sequence=27106

ㅇ Cisco 발표 조치 방안
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2

ㅇ 취약점 정보
    https://2016.zeronights.ru/wp-content/uploads/2016/12/CiscoSmartInstall.v3.pdf

ㅇ 관련 언론 기사
    http://www.yonhapnews.co.kr/bulletin/2018/04/07/0200000000AKR20180407046400111.HTML
    http://www.jpost.com/Breaking-News/Iranian-databases-targeted-in-cyberattack-549074

 

참고블로그 (m.blog.naver.com/PostView.nhn?blogId=nforce7050&logNo=221251889615&proxyReferer=https:%2F%2Fwww.google.com%2F)