Would it be safe to put this IOS Patching off until Monday?
Printable View
Would it be safe to put this IOS Patching off until Monday?
I was at the presentation, and applaud Mike for what he did.
He also pointed out that anyone who has kept their systems up to date with patches is not at risk. However Cisco have some stuff in the pipeline that may make the attack vectors for Cisco a little different (i.e. rather then having to recompile a worm for each version of IOS, one worm will work for all).
A Patch was issued in April that fixed the Vulnerability, but they were just going to keep it to themseleves that it fixes a major bung hole? Am I understanding this correctly?
Well, the other issue seems to be that, while this specific vulnerability has been patched, the underlying deficient code development processes may have created vulnerabilities in other portions of the IOS code.
And as said, other product offerings and changes might be vulnerable.
Hi zencoder,
Looks like he buckled under the pressure...
" Cisco, security researcher settle dispute "
http://www.sanluisobispo.com/mld/san...s/12248404.htmQuote:
Michael Lynn, who left his job at Internet Security Systems Inc. hours before his speech, agreed never to repeat the information he gave at the Black Hat conference in Las Vegas on Wednesday.
He also must return any proprietary Cisco source code in his possession.
AP Wire | 07/28/2005 | Cisco, security researcher settle dispute
as you said...
Eg ;)Quote:
That flaw was patched in April, but it's possible that the same technique could be used to exploit other vulnerabilities in Cisco routers. Lynn said the technique also could lead to the creation of a worm that targets routers, particularly when coupled with an upcoming version of Cisco's operating system.
Well, you could say buckled. I like to think more optimisticly and say he chose to agree to their terms, rather than face a lengthy and/or expensive legal proceeding. Besides, it doesn't really matter to him now...he's already made his point and shared the information. He can easily say "I won't repeat it again" with complete satisfaction that his point has been shared and will be repeated by others now.
;)
If anyone has seen and reviewed his (Lynn's) information - what impact does/would this have on the Cisco security products such as the PIX? I can only guess that the underlying IOS is similar in some respects and therefore vulnerable as well.
Shame, I would have liked to read his report and seen this for myself.
"Shame, I would have liked to read his report and seen this for myself."
www.cryptome.org will help you
Mike did raise the point that for the hole to be used for a worm in the current environment would require a worm to be about 40mb in size...so don`t be too concerned just yet. Cisco are looking at using virtual processes which is going to dratsically alter this and a generic worm could be developed.
The hole affects the Cisco IOS in general, so anything using it is at risk.
And I don`t think he buckled, it was was either that or be sued by ISS and Cisco.
Hi R0n1n,
Isn't that the very definition of buckling? Folding under pressure? He was under the heat and he took the easy way out....I'm not faulting him for that...no sense fighting a war you can't win...still...he caved under the pressure...under the circumstances it was probably the smart thing to do...but the result is the same.Quote:
And I don`t think he buckled, it was was either that or be sued by ISS and Cisco.
Eg ;)