Furor over Cisco IOS router exploit erupts at Black Hat - Network World

Skip Links

DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Security

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library.  Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Audio

Hacker writes Cisco rootkit; Microsoft launches online telescope. Listen now!

Network World 360

Wireless dangers at airports. Listen now!

Network World Panorama

Additional Resources

RSS

FEATURED REPORTS

Executive Guide: Storage Heats Up HP

Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.

RSS

FEATURED WEBCASTS

Get Real-world Advice on how to Cost Effectively Consolidate your Data Center Novell

Discover the benefits of paravirtualization in this informative webcast today. This server virtualization-themed webcast not only explores how to improve virtualized server performance, but provides real-world user examples, explains how to optimize workloads and discusses the future of server virtualization. Focus on only the themes that interest you or watch all six consecutively for a full picture of how you can lower your costs significantly through consolidation and virtualization. Register below to learn more and be entered to win an Archos 605 Portable Media Player.

IT Buyer's Guides

View All Buyer's Guides

Free Newsletters

Sign up and receive the latest news, reviews and trends on your favorite technology topics

Save The Date!
What They Are Saying

I'm an American, and my government-funded schools taught me that government censorship is bad! It's...- Ben

Join the Discussion

Furor over Cisco IOS router exploit erupts at Black Hat

By Ellen Messmer , Network World , 07/28/2005
  • Social Web 
  • Email 
  • Feedback 
  • Close

Although Cisco and Internet Security Systems had abruptly cancelled a planned technical talk and demo at the Black Hat Conference to reveal how unpatched Cisco routers can be remotely compromised, the researcher who had originally uncovered the problem went ahead with the talk anyway, igniting a spate of lawsuits against himself and the Black Hat Conference.


More: Cisco nixes conference session on hacking IOS router code
Researcher at center of Cisco router-exploit controversy speaks out
Cisco, ISS, Michael Lynn and Black Hat sign legal accord
Forum: Who's right?


Michael Lynn, the research analyst at ISS who was asked to resign after his presentation detailing how an attacker can exploit flaws in unpatched Cisco routers to gain total control over them, said he felt compelled to reveal the information because “I felt I had to do what’s right for the country and the national infrastructure.”

Cisco and ISS, claiming it was premature to release the research, saw it differently and immediately filed a lawsuit aimed at compelling him not to discuss the subject further. The Black Hat Conference was also served with a lawsuit by the two companies for allowing Lynn to discuss the exploits associated with Cisco routers.

Black Hat CEO Jeff Moss yesterday said he felt trapped in the middle. “Michael Lynn said he was going to discuss VoIP,” said Moss. “I can’t control a speaker who changes his topic in the middle of a presentation.”

Told by ISS not to discuss the Cisco router exploit, Lynn did begin his presentation at Black Hat on Wednesday with a substitute presentation on VoIP. But the boos from the audience which had come to hear the original topic entitled “The Holy Grail: Cisco IOS Shellcode and Remote Execution,” induced him to switch to the original scheduled topic: the research he carried out at ISS that shows how an attacker can completely take control of a Cisco router through a variety of buffer-overflow attacks and shellcode exploits.

While this type of attack is common against unpatched servers today - several destructive Internet worms in past years have used buffer-overflow attacks to take over Microsoft-based servers - this was believed to be the first demonstration of a buffer-overflow attack against Cisco routers.

1 | 2 | 3 |  Next >
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.
First Name
Last Name
E-mail
Zip Code