Language Selection

English French German Italian Portuguese Spanish

Black Hat conference: Cisco IOS often targeted by hackers

Filed under
Security

IT professionals constantly worry about the next computer virus or worm, but there is a greater threat that is often ignored - Cisco routers. While many people think of the router as a hardware device, Cisco IOS, the software that powers the vast majority of routers is vulnerable to attack. Today, at the Black Hat computer security conference in Las Vegas, security expert Michael Lynn demonstrated just how easily a router can be taken over.

Routers are vital to the Internet as they route and prioritize traffic around the world. Using various techniques that we will explain in a later article, Lynn was able to move memory values within a Cisco router, thereby gaining the "enable" prompt or administrator access.

Full Article.

Cisco hits back at flaw researcher

Cisco Systems has taken legal action to keep a researcher from further discussing a hack into its router software.

The networking giant and Internet Security Systems jointly filed a request Wednesday for a temporary restraining order against Michael Lynn and the organizers of the Black Hat security conference.

Lynn alledgedly decompiled Cisco's software for his research and by doing so violated the company's rights. "It is our belief that the information that Lynn presented at Black Hat this morning is information that was illegally obtained and violated our intellectual property rights," a Cisco spokesman said.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Researcher Lost Job after Cisco presentation

The Michael Lynn story keeps getting more interesting. The computer security researcher lost his job at Internet Security Systems today after he briefed Black Hat conference attendees about a flaw in the software that powers Internet routers made by Cisco Systems. The latest is that Lynn has been served with a temporary restraining order designed to prevent him from discussing any more details about the flaw.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Flaw researcher settles dispute with Cisco

Michael Lynn, a former Internet Security Systems researcher, and the Black Hat organizers agreed to a permanent injunction barring them from further discussing the presentation Lynn gave Wednesday. The presentation showed how attackers could take over Cisco routers, a problem that Lynn said could bring the Internet to its knees.

The injunction also requires Lynn to return any materials and disassembled code related to Cisco, according to a copy of the injunction, which was filed in U.S. District Court for the District of Northern California. The injunction was agreed on by attorneys for Lynn, Black Hat, ISS and Cisco.

Lynn is also forbidden to make any further presentations at the Black Hat event, which ends Thursday, or the following Defcon event. Additionally, Lynn and Black Hat have agreed never to disseminate a video made of Lynn's presentation and to deliver to Cisco any video recording made of Lynn.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

New Google Nexus Leak Confirms 192-Core, 64-bit Apple Rival

Last September Apple AAPL +0.16% caused a stir when it announced iOS 7 and the accompanying iPhone 5S would support 64-bit operation. The move to this much faster architecture gave it the jump on 32-bit rivals Android and Windows Phone and brought Apple’s products in-line with desktop and laptop-class computing. But now Android has caught up and may well go speeding past. No less than three devices lead the charge: a teaser, a leak and an official announcement. Interestingly all come from HTC and the one which will attain by far the most headlines is the new Google ‘Nexus 9’ tablet – also dubbed the ‘Nexus X’ – which will do battle head-on with the iPad mini . Read more

20-Way Radeon Comparison With Open-Source Graphics For Steam On Linux Gaming

When it comes to Linux gamers wanting a discrete graphics card backed by open-source drivers, the only solution right now to truly recommend for those serious about performance and making use of the hardware is really AMD Radeon graphics. While Nouveau has been making much progress, until re-clocking and other issues are worked out the performance can be unbearably slow depending upon the particular graphics processor or run into other problems. (Of course, when talking about proprietary graphics drivers on Linux, the story is entirely different, or if considering integrated Intel HD Graphics.) For those pursuing a AMD Radeon GPU for their own Steam Box/Machine build and hope to use the open-source Gallium3D drivers, here's some Steam on Linux gaming benchmarks from almost two dozen different GPUs. Read more

Ubuntu 14.10 Beta 1 (Utopic Unicorn) to Arrive in a Couple of Days

"So Beta 1 is this week and I'll be taking care of the builds and paperwork. Could participating flavours please get in touch here or on IRC? In the mean time, I'm going to assume a participation similar to Alpha-2 and configure cron, propose-migration and the tracker accordingly, then build a first candidate for each of your flavours," wrote Canonical's Stéphane Graber. Read more

Optimize your Linux rig for top-notch writing

I'm a big fan of Scott Nesbitt's writing, which has a technological bent, but is usually more about working effectively, rather than how tools can make you effective, which is a key distinction. Scott's setup reflects his focus on production rather than tweaking. He has his work tools and everything else is pretty much white noise—which is why LXDE/Lubuntu probably makes a lot of sense for his workflow. It's simple and it stays out of his way. Scott also gets bonus points for moving his family to Linux. That's a tough move, but given that his wife stole his ZaReason laptop, the conversion seems to have taken. Read more