Language Selection

English French German Italian Portuguese Spanish

Black Hat conference: Cisco IOS often targeted by hackers

Filed under
Security

IT professionals constantly worry about the next computer virus or worm, but there is a greater threat that is often ignored - Cisco routers. While many people think of the router as a hardware device, Cisco IOS, the software that powers the vast majority of routers is vulnerable to attack. Today, at the Black Hat computer security conference in Las Vegas, security expert Michael Lynn demonstrated just how easily a router can be taken over.

Routers are vital to the Internet as they route and prioritize traffic around the world. Using various techniques that we will explain in a later article, Lynn was able to move memory values within a Cisco router, thereby gaining the "enable" prompt or administrator access.

Full Article.

Cisco hits back at flaw researcher

Cisco Systems has taken legal action to keep a researcher from further discussing a hack into its router software.

The networking giant and Internet Security Systems jointly filed a request Wednesday for a temporary restraining order against Michael Lynn and the organizers of the Black Hat security conference.

Lynn alledgedly decompiled Cisco's software for his research and by doing so violated the company's rights. "It is our belief that the information that Lynn presented at Black Hat this morning is information that was illegally obtained and violated our intellectual property rights," a Cisco spokesman said.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Researcher Lost Job after Cisco presentation

The Michael Lynn story keeps getting more interesting. The computer security researcher lost his job at Internet Security Systems today after he briefed Black Hat conference attendees about a flaw in the software that powers Internet routers made by Cisco Systems. The latest is that Lynn has been served with a temporary restraining order designed to prevent him from discussing any more details about the flaw.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Flaw researcher settles dispute with Cisco

Michael Lynn, a former Internet Security Systems researcher, and the Black Hat organizers agreed to a permanent injunction barring them from further discussing the presentation Lynn gave Wednesday. The presentation showed how attackers could take over Cisco routers, a problem that Lynn said could bring the Internet to its knees.

The injunction also requires Lynn to return any materials and disassembled code related to Cisco, according to a copy of the injunction, which was filed in U.S. District Court for the District of Northern California. The injunction was agreed on by attorneys for Lynn, Black Hat, ISS and Cisco.

Lynn is also forbidden to make any further presentations at the Black Hat event, which ends Thursday, or the following Defcon event. Additionally, Lynn and Black Hat have agreed never to disseminate a video made of Lynn's presentation and to deliver to Cisco any video recording made of Lynn.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

More on Tesla's Compliance

10 Best Open Source Forum Software for Linux

A forum is a discussion platform where related ideas and views on a particular issue can be exchanged. You can setup a forum for your site or blog, where your team, customers, fans, patrons, audience, users, advocates, supporters, or friends can hold public or private discussions, as a whole or in smaller groups. If you are planning to launch a forum, and you can’t build your own software from scratch, you can opt for any of the existing forum applications out there. Some forum applications allow you to setup only a single discussion site on a single installation, while others support multiple-forums for a single installation instance. In this article, we will review 10 best open source forum software for Linux systems. By the end of this article, you will know exactly which open source forum software best suites your needs. Read more

(K)Ubuntu: Playing' Tennis and Dropping 32-bit

  • Tennibot is a really cool Ubuntu Linux-powered tennis ball collecting robot
    Linux isn't just a hobby --  the kernel largely powers the web, for instance. Not only is Linux on many web servers, but it is also found on the most popular consumer operating system in the world -- Android. Why is this? Well, the open source kernel scales very well, making it ideal for many projects. True, Linux's share of the desktop is still minuscule, but sometimes slow and steady wins the race -- watch out, Windows! A good example of Linux's scalability is a new robot powered by Linux which was recently featured on the official Ubuntu Blog. Called "Tennibot," the Ubuntu-powered bot seeks out and collects tennis balls. Not only does it offer convenience, but it can save the buyer a lot of money too -- potentially thousands of dollars per year as this calculator shows. So yeah, a not world-changing product, but still very neat nonetheless. In fact, it highlights that Linux isn't just behind boring nerdy stuff, but fun things too.
  • Kubuntu Drops 32-bit Install Images
    If you were planning to grab a Kubuntu 18.10 32-bit download this October you will want to look away now. Kubuntu has confirmed plans to join the rest of the Ubuntu flavour family and drop 32-bit installer images going forward. This means there will be no 32-bit Kubuntu 18.10 disc image available to download later this year.

Suitcase Computer Reborn with Raspberry Pi Inside

Fun fact, the Osborne 1 debuted with a price tag equivalent to about $5,000 in today’s value. With a gigantic 9″ screen and twin floppy drives (for making mix tapes, right?) the real miracle of the machine was its portability, something unheard of at the time. The retrocomputing trend is to lovingly and carefully restore these old machines to their former glory, regardless of how clunky or underpowered they are by modern standards. But sometimes they can’t be saved yet it’s still possible to gut and rebuild the machine with modern hardware, like with this Raspberry Pi used to revive an Osborne 1. Purists will turn their nose up at this one, and we admit that this one feels a little like “restoring” radios from the 30s by chucking out the original chassis and throwing in a streaming player. But [koff1979] went to a lot of effort to keep the original Osborne look and feel in the final product. We imagine that with the original guts replaced by a Pi and a small LCD display taking the place of the 80 character by 24 line CRT, the machine is less strain on the shoulder when carrying it around. (We hear the original Osborne 1 was portable in the same way that an anvil is technically portable.) The Pi runs an emulator to get the original CP/M experience; it even runs Wordstar. The tricky part about this build was making the original keyboard talk to the Pi, which was accomplished with an Arduino that translates key presses to USB. Read more