/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsSAN FRANCISCO: Security experts said that there have been some attempts to exploit a security flaw in network software that directs traffic on the Internet, but that so far none of those attacks had been successful.
Cisco Systems Inc. warned earlier this week of a vulnerability in its software that runs on networking equipment called routers. The flaw could allow an attacker to shut down routers, which could slow e-mail transfers and Web page downloads if enough systems were attacked.
On Friday, the federally funded Computer Emergency Response Team at Carnegie Mellon University warned that code was circulating on the Internet to exploit the vulnerability and that it would likely be used to try to launch attacks.
"We are seeing activity consistent with attempts to exploit this vulnerability, but we have no evidence to suggest that any of the attempts have been successful," Shawn Hernan, a senior member of CERT's technical staff, told Reuters.
Counterpane Internet Security said it had also tracked attempts to exploit the security hole but had not seen any evidence of successful attacks against the corporate networks it monitors, said Bruce Schneier, founder and chief technical officer.
"The number of exploits is growing and they are using it on substantial targets," said Alfred Huger, senior director of engineering at Symantec Corp. security response unit.
Tom Ohlsson, vice president of marketing and business development at Xaffire Inc., formerly called Matrix NetSystems, said his firm had noticed some slowdown in the Web sites it tracks.
Cisco spokesman Jim Brady said there had been "isolated incidents" of attempts to exploit the vulnerability, but that Cisco had "no confirmation of any networks being impacted and there are no reports of successful network attacks."
Earlier this week Cisco began offering software patches that minimize the risk of attacks from the vulnerability.
AT&T Corp. and Sprint Corp. , which operate parts of the main Internet "backbone," said their networks were running smoothly.
"At this point we see no evidence that anyone has launched one of these attacks against a router in our network," said AT&T spokesman Dave Johnson.
"Customers should have no concerns regarding interruption of service as it relates to Sprint," said spokesman Charles Fleckenstein.
"While the appropriate measures have been taken to protect the Sprint Internet backbone, issues may arise with traffic that is handed off to other carriers, if those carriers have not taken the same measures Sprint has," Fleckenstein said.
© Reuters