Malware may be designed to monitor and exfiltrate information from the operating system on which it is running without being detected.
![cisco ios xe software enterprise services](https://www.cisco.com/c/dam/en/us/td/i/300001-400000/350001-360000/357001-358000/357408.jpg)
Malware is software created to modify a device's behavior for the benefit of a malicious third party (attacker). One of the characteristics of effective malware is that it can run on a device stealthily in privileged mode. This document applies only to Cisco IOS XE Software and to no other Cisco operating systems. Customers running Cisco IOS Software can refer to Cisco IOS Software Integrity Assurance.
![cisco ios xe software enterprise services](https://virtconlive.com/img/cisco-ios-login-enhancements-login-block-5.jpg)
This document analyzes injection of malicious software in Cisco IOS XE Software and describes ways to verify that the software on a Cisco router, both in device storage and in running memory, has not been modified. Additionally, the document presents common best practices that can aid in protecting against attempts to inject malicious software (also referred to as malware) in a Cisco IOS XE device.

- Use Centralized and Comprehensive Logging
- Use TACACS+ Authorization to Restrict Commands
- Use Authentication, Authorization, and Accounting
- Maintain Cisco IOS XE Image File Integrity
- Deploy Digitally Signed Cisco IOS XE Images
- Verify MD5 Validation Feature for the Text Region
- Checking That IOSd Call Stacks Are Within the Text Section Boundaries
- Checking Platform Shell Access Logs and Syslog
- Verifying Authenticity for Digitally Signed Images
- Cisco IOSd Run-Time Memory Integrity Verification
- Compute the MD5 Checksum of a Known-Good Text Section
- Using the Message Digest 5 File Validation Feature
- Architecture Notes and Differences with Cisco IOS Software