Blog For Free!
Archives
Home
2008 July
2008 June
2008 May
2008 April
2008 March
2008 February
2008 January
2007 December
2007 November
2007 October
2007 September
2007 July
2007 June
2007 May
2007 April
2007 March
2007 February
2007 January
2006 December
2006 November
2006 October
2006 September
2006 August
2006 July
2006 June
2006 May
2006 April
2006 March
2006 February
2006 January
2005 December
2005 November
2005 October
2005 August
2005 July
2005 June
2005 May
2005 April
2005 March
2005 January
2004 December
2004 November
2004 October
2004 September
2004 August
2004 July
My Links
Global Warming: A Chilling Perspective
Watts Up With That?
Internet Haganah
Jihad Watch
Ponder the Maunder
The Dissident Frogman
Barking-Moonbat EWS
Just Barking Mad!
The Malaria Clock
Project Valour-IT
Islam: Turning everything it touches to Shi'ite since 632 AD...
10 Myths of Islam
tBlog
My Profile
Send tMail
My tFriends
My Images
Sponsored
Blog
| Cisco, ISS file suit against rogue researcher |
| 07.28.05 (5:27 am) [edit] |
|
Robert Lemos, SecurityFocus 2005-07-27 LAS VEGAS--Networking giant Cisco and security company Internet Security Systems filed on Wednesday a restraining order against the management of the Black Hat Conference and a security expert who told conference attendees that attackers can broadly compromise Cisco routers. The legal action followed a presentation by security researcher Michael Lynn, a former ISS employee, who brushed off threats of legal action and a broad effort to delete his presentation from conference materials to warn attendees that malicious programs could be run on Cisco routers. While the information had already been presented by Lynn, a Cisco spokesman said that the companies wanted to prevent further dissemination of inside information about Cisco's routers. "We don't want them to further discuss it," said Cisco spokesman John Noh. "This is about protecting our intellectual property." Three weeks of intense discussions between ISS, the researcher, Cisco, and conference management failed on Wednesday. Two days before, Cisco representatives spent eight hours ripping out the ten-page presentation from the conference book and ISS executives decided to pull the presentation, allowing researcher Lynn to speak on a different topic. In a dramatic reversal on Wednesday, Lynn told attendees he tendered his resignation to ISS less than two hours before he went on stage to present his findings, then proceeded to describe a reliable way to run programs by exploiting the Internet Operating System (IOS), the core software for Cisco routers. "I feel I had to do what's right for the country and the national infrastructure," he said. "It has been confirmed that bad people are working on this (compromising IOS). The right thing to do here is to make sure that everyone knows that it's vulnerable." A majority of the Internet infrastructure relies on Cisco networking hardware to route data from one computer to another. While security researchers have found flaws in the IOS router software in the past, almost all the vulnerabilities have only allowed an attacker to degrade communications in what is known as a denial-of-service attack. Lynn outlined a way to take control of an IOS-based router, using a buffer overflow or a heap overflow, two types of memory vulnerabilities. He demonstrated the attack using a vulnerability that Cisco fixed in April. While that flaw is patched, he stressed that the attack can be used with any new buffer overrun or heap overflow, adding that running code on a router is a serious threat. "When you attack a host machine, you gain control of that machine--when you control a router, you gain control of the network," Lynn said. ISS disavowed any foreknowledge of Lynn's intent to resign and present his findings. Cisco condemned the talk in strong terms that suggested the company may initiate legal action against the researcher and the conference, describing the presentation as the illegal publication of proprietary material. "It is especially regretful, and indefensible, that the Black Hat Conference organizers have given Mr. Lynn a platform to publicly disseminate the information he illegally obtained," the company said in a statement. "We appreciate the cooperation we have received from ISS in this matter. We are working with ISS to continue our joint research in the area of security vulnerabilities." For his part, Black Hat Conference organizer and founder Jeff Moss denied that he had any idea of Lynn's intent. "He told me yesterday that he would do his backup presentation," Moss said after the controversial presentation. Moss said he had worked hard to address Cisco's concerns with the original presentation. "We were in the middle of trying to run a conference and lawyers from Cisco were talking about a temporary restraining order." http://www.securityfocus.com/news/11259" title="http://www.securityfocus.com/news/11259" target="_blank"http://www.securityfocus.com/... |
| 0 Comments |
