- Microsoft Windows chief decries standards grandstanding
- The 5 best, and 5 worst, features of Google Chrome OS
- Federal government using PS3 to crack pedophile passwords
- 10G Ethernet cheat sheet
- Top 10 free Windows tools for IT pros, at a glance
"There are, and always have been, people who know how to crash the Internet but have so far chosen not to do so."
- Stephen Cobb, Certified Information Systems Security Professional and authorof Privacy for Business
Not many of us would choose to step in front of a freight train going at full speed, but last week at the Black Hat Briefings conference in Las Vegas a gentleman by the name of Michael Lynn did more or less just that. Roughly two hours after his resignation from the company Internet Security Systems (ISS) he gave an unsanctioned talk on a Cisco router vulnerability (see story and discuss in our Lynch/Cisco forum ).
Make no mistake; this was a big deal because this vulnerability is potentially very serious. If some lunatic were to exploit it he could bring down the entire Internet. Sure, go back and read that last sentence again. I'm not exaggerating.
In front of a rapt audience of security wonks, Lynn announced, "I'm not giving you a road map to an exploit; I'm trying to prove to you that I've done it." He then demonstrated the hack - reportedly a buffer overflow exploit - without revealing the exact details. It is reported that the exploit took all of 5 seconds.
What Lynn demonstrated was that he could remotely access a Cisco router and gain the highest level of access, which gave him the ability to do anything from degrading performance or monitoring traffic to disabling the router completely.
The problem is that because much of the Internet relies on Cisco routers, this is pretty serious stuff. Cisco did fix this issue some months ago, but - of course - many companies have yet to upgrade their router firmware. Lynn said if the router owners "upgrade their firmware, they'll probably be fine."
Now you might be saying, "But we don't rely on Cisco routers, so we're OK . . . aren't we?" I'm afraid not, my friend, because you do business with other companies (for example, your banks, your partners, your suppliers, your customers) that do use Cisco routers, and if they go offline, then for all intents and purposes so do you. So do we all.
The presentation had apparently previously been approved by Cisco and ISS, but, according to various sources, Cisco got cold feet and wanted the presentation canceled, and ISS acquiesced. But Lynn saw a higher calling, because recently (for the second time) the source code for IOS, the operating system that runs Cisco routers, was stolen.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment