Tuesday, August 02, 2005

Exploit writers team up to target Cisco routers

LAS VEGAS In a room at the Alexis Park Hotel, a nightmare scenario for Cisco has begun to unfold.

It's Saturday night, a time for blowout parties at the annual DEF CON hacker convention, including the Goth-flavored Black and White Ball. But a half dozen researchers in the nondescript room quietly drink, stare at the screens of their laptops, and in low voices, discuss how to compromise two flat metal boxes sitting on a sofa side table: Cisco routers.

They argue that it's the logical conclusion to Cisco's attempts to censor a presentation given by Michael Lynn, a security researcher who resigned from his company, Internet Security Systems, to present his method for compromising and running code on Cisco routers at the Black Hat Security Briefings earlier this week.

The companies made good on legal threats, settling on Thursday with Lynn, who signed a permanent injunction preventing him from using the presentation or disseminating the information at either Black Hat or the following DEF CON convention.

The legal tactics acted to mobilize security researchers and hackers at the shows to glean whatever information they could about the methods used by Lynn and reproduce his work.

Source

No comments: