Introducing CIR
Summary
Recurity Labs' Cisco Incident Response is a framework for
security analysis, incident response and digital network forensics. CIR
analyzes post-mortem crash dump information from Cisco IOS routers
and provides in-depth information on the cause of the crash, the integrity
and validity of the IOS code sections as well as anomalies in the core data
structures such as the IOS heap.
Whitepaper
A whitepaper detailing the background and working of CIR can be found at
http://www.recurity-labs.com/content/pub/papers.html.
CIR Online
CIR Online is a free online service that allows users to run the latest
version of CIR against their own crash dump files. CIR Online places the
results online for the user to access. Recurity Labs guarantees the
user full confidentiality of the crash dump file contents and the resulting
report. No data from the crash dumps will ever be made available to any
third party.