http://www.networkworld.com/news/2005/080805-cisco-routers.html /* ARTICLE Among the developments last week: Cisco continually revised its security bulletin, adding details as to how versions of unpatched IOS software could be undermined by a "specifically crafted IPv6 packet." Sources at Cisco say testing will continue indefinitely and could include findings related to more than simply IPv6-related exploits. */ Ironic the marketing and disinformation coming out of Cisco Systems in relation to not disclosing what really occurred and labeling the vulnerability as "IPv6 based.... but" after they initially stated it as "IPv6 only!" /* ARTICLE The researcher who touched off the uproar, Michael Lynn, says he is now the subject of inquiries by FBI agents, and he continues to defend the propriety of his actions. */ Since when did the FBI decide to play "Corporation Superherosaviour" so blatantly. Mr. Lynn's disclosure while a double edged sword can possibly save the industry from a catastrophe, and while yes it can also cause one, I believe he did the right thing. /* ARTICLE Experts and users say the hole in IOS appears not to be an immediate concern based on what is public knowledge at the moment, since patches are available. But what concerns some is that Lynn's exploit techniques take router hacking to a new level, which eventually could have security implications for Cisco customers. */ This same attitude from vendors is what causes those releasing POC (proof of concept) code to release information on how things break. I recall posting here a while back information on how it would be possible to break neighbors in BGP by causing flaps. I did not post the information with the intent on anyone using that information to cause damage nor was it malicious. I did it under the impression someone in the industry would take a look at it and see what I saw and come up with a solution. To date however... It's been more or less the same: "You're an ass for doing that..." /* ARTICLE While Lynn has settled one lawsuit with Cisco and ISS, agreeing not to disclose anything he knows about the exploit, his problems don't seem to be over. The FBI is investigating him and interviewing friends and roommates, he says. */ Spin spin sugar... Looking at this current situation I'm wondering when did it become a federal offense to break a non disclosure agreement. I can look at this two possible ways now... Are the feds looking at Mr. Lynn because they have something vested in the IOS of Cisco (Carnivore, Magic Lantern), or are they going after him under the guise of "National (in)Security". If it's national (in)security, then why not go after Cisco for allowing this problem to go unresolved when they knew of it months in advance. Anyhow, sorry for the rants... The article is pseudo-worth the read if you can filter out marketing and crapaganda. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo GPG Key ID 0x97B43D89 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89 To conquer the enemy without resorting to war is the most desirable. The highest form of generalship is to conquer the enemy by strategy." - Sun Tzu