Detecting Cisco IOS probes We have detected activity directed towards Cisco IOS sytems via http. Most likely, the said activity are probes looking for live Cisco machines with vulnerable Cisco IOS software accessible via its HTTP server. Based on the signature of the probes, it seems that the following tool is being used: cisco scanner v0.2.
Full analysis: http://www.philippinehoneynet.org/dataarchive.php?date=2006-02-16 Ryan Talabis Philippine Honeynet Project http://www.philippinehoneynet.org
