Cisco Pix Source code - Not new but interesting
Results 1 to 3 of 3

Thread: Cisco Pix Source code - Not new but interesting

  1. #1
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    Cisco Pix Source code - Not new but interesting

    Interesting release from the "owners" of the code.... Anyone wanna be a "private member"

    I haven't seen this posted on Bugtraq yet so I thought I'd pass it along.


    Cheers!

    Brian Graham
    Systems Administrator, NEGT

    ----------------------------------------------------------------
    To err is human... to really foul up requires the root password.
    ----------------------------------------------------------------

    /"\
    \ /
    X ASCII Ribbon Campaign
    / \ Against HTML Email



    -----Original Message-----
    From: energyadmin@energyisac.com [mailto:energyadmin@energyisac.com]
    Sent: Thursday, November 04, 2004 4:54 PM
    To: Beadel, James
    Subject: Hacker Group back again, this time claiming to have source code
    to Cisco PIX firewall




    ---------------------------------------------------------------------
    THREAT ALERT from the ENERGY ISAC
    ---------------------------------------------------------------------

    Record 1 of 1
    Hacker Group back again, this time claiming to have source code to Cisco PIX firewall

    Advisory ID: 2004-11-018

    Date/Time Reported (GMT): 11/4/2004 9:45 PM

    Title: Hacker Group back again, this time claiming to have source code to Cisco PIX firewall (https://www1.energyisac.com/?request...%26Id%3d369816)

    Risk: 2

    Type of Threat: Piracy of Software

    Business Impact: N/A

    Summary:
    The Source Code Club (SCC) is reportedly back in business. Last July the anonymous hacker group began peddling proprietary source code to an older version of Enterasys Network's Dragon IDS software (refer to ISAC Advisory ID 2004-07-061). SCC appears to have resurfaced, this time claiming to have a copy of the source code for a recent version of Cisco System's PIX firewall.

    A member of the SCC posted a message to the alt.gaps.international.sales Usenet newsgroup on Monday, November 2nd, stating that the group is now selling the code for the PIX 6.3.1 firewall firmware for $24,000. Cisco released the latest version (6.3.4) of the firmware this summer.

    Technology:

    Description:
    The following text was extracted from the SCC members (aka Larry Hobbles) posting:

    SCC is proud to announce the general availability of Cisco Pix 6.3.1 source
    code. This release is significant because pix is vital to the security
    of many ultra-secure networks.

    With the ubiquity of pix devices these days, we see a huge market for such
    code. Many intelligence agencies/government organizations will want to
    know if those 1's and 0's in the pix image really are doing what was
    advertised. You must ask yourself how well you trust the pix images you
    download to your appliance from cisco.com.

    After reading the code, you may build the source code with one of the many
    Makefiles provided in the distribution to create your own in-house pix images.
    Sleep well at night knowing exactly what is sitting in your pix device's
    memory. Scroll down to the Buy section below for more information.

    The price of Enterasys IDS and Napster has been raised.

    SCC is a dynamic entity, always evolving and trying out new ways of doing
    things. We have made a few changes in the way we operate, all for the
    better.

    We are now offering some buyer incentives. After you purchase one full
    source from SCC, you become a private member. Private members get access
    to lists of sources that are not available to the general public. This
    list may contain sources that have been deemed to sensitive to put up
    for public buying, or it may contain sources that we plan on releasing
    in the future to public buyers. Private members not only get many months
    advance buying power to the sources, but will also pay less for sources
    than non-members.

    The source you purchase to become a private member can be any source, no
    matter how cheap or expensive. This means you will purchase every 'part'
    of the source before becoming a private member.

    We keep track of who is a private member by your PGP public key. This way
    a customer may always approach us from any anonymous place, and we can
    always verify he/she is a member by the public key. So do not destroy those
    PGP keys!

    SCC

    Buy
    ===

    SCC is currently offering:

    o Cisco Pix 6.3.1-release source code (NEW!)
    o Enterasys network and host IDS source code and design documentation
    o Napster source code repository

    Buying Options:
    1) All at once
    2) Piece by piece

    Buying Instructions:
    Email us with our PGP key to tell us how many pieces of which
    package you wish to purchase (read FAQ if you are confused). PUT
    YOUR PUBLIC PGP KEY INSIDE THE MESSAGE SO WE CAN RESPOND TO YOU.
    We will not take orders from anyone not using PGP.

    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    Cisco Pix Information:

    Cisco Pix is one of the leading firewall security applications on
    the market. This firewall provides security, ipsec, vpn, intrusion
    protection, network monitoring, and much more services that can be used
    on small personal & business networks and massive gigabit carrier networks.
    For more information on this product and many other great products, please
    visit www.cisco.com ( http://www.cisco.com/ ) .

    The source package includes all sources and 'make' files to compile your own
    in-house pix images using the gcc compiler, suitable to be loaded into a pix
    appliance.

    Interested?

    Any company interested in benefiting from a product that has turned Cisco
    Enterprises into a leading key player in the networking market will be happy
    to know that we are offering Cisco Pix 6.3.1 complete source code for
    only $24,000 USD.

    What will i get in this package you offer?

    1) Complete source code to the entire Cisco Pix archive
    2) Build scripts used by developers to test pix on a multitude of platforms

    Buying options:

    1) All at once:

    The size of pix.full is 37.5 Megabytes (121 Megabytes unpacked)
    The price of the entire archive is $24,000 USD

    2) Piece by Piece:

    We are also offering the archive in 20 separate pieces at: $1,200
    USD per piece. You are allowed to buy multiple pieces at once.
    Pieces must be purchased in sequential order.

    Each piece (pieces pix.part1 through pix.part20) is roughly 1.9 Megabytes

    Recommendations: N/A

    Source(s): http://www.eweek.com/print_article2/...=138478,00.asp ( http://www.eweek.com/print_article2/...=138478,00.asp )
    http://www.internetweek.com/allStori...cleID=51202582 ( http://www.internetweek.com/allStori...cleID=51202582 )
    http://www.techworld.com/security/ne...fm?NewsID=2546 ( http://www.techworld.com/security/ne...fm?NewsID=2546 )
    http://www.computerweekly.com/articl...avourID=1&sp=1 ( http://www.computerweekly.com/articl...avourID=1&sp=1 )

    Change History:



    ---------------------------------------------------------------------
    The content presented in this alert is provided by the ENERGY ISAC. You are receiving this because you have subscribed to a notification service through the ENERGY ISAC. If you would like to unsubscribe to this notification service, please modify your notification subscription settings in the ENERGY ISAC.
    ---------------------------------------------------------------------
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  2. #2
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    Seems like an FBI sting operation or something. It reminds me of one of those undercover operations where they send a bunch of wanted criminals notices that they have won a new car or something and then just arrest them as they show up to claim the prize.

    Even if its not, I wouldn't want my name on their "member" list when the FBI or Interpol finds them.

  3. #3
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Interesting concept using the pgp key as identification too......

    .... and Larry Hobbles sounds like a sentence not a name.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •