Announcement

Collapse
No announcement yet.

Michael Lynn

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Michael Lynn

    Jesus christ, did anyone attending blackhat manage to get the materials for Michael Lynns talk on cisco router vulnerabilities?

    http://blogs.washingtonpost.com/secu...hat_day_1.html
    http://www.crn.com/sections/breaking...leId=166403096
    (links ripped from slashdot)
    Lynn began his talk with a discussion about security issues surrounding services that allow people to make Internet-based telephone calls. Then, they said, Lynn suddenly changed topics and began discussing the highly technical details of his research into the Cisco flaw, saying he would rather quit his job at ISS than keep the information from conference attendees.

    In a nutshell, those in the room said Lynn demonstrated how attackers might use the security flaw to gain complete control over Cisco routers.
    People are saying blackhat employees spent the morning ripping his paper out of all the conference proceedings.

  • #2
    http://blogs.washingtonpost.com/secu..._to_cisco.html

    This is an article with some other information from an interview with Abaddon and some hinting at criminal charges being filed.

    It will be interesting to see if any presentation material floats up. Cisco is trying to do major damage control and spin on this one.

    Psyiode

    PS. See you all tonight!

    Comment


    • #3
      Here's the Lynn presentation -- ALLEGEDLY

      It's all over the net.

      Defcon should have a copy, then.

      Comment


      • #4
        Originally posted by zadok0552
        It's all over the net.

        Defcon should have a copy, then.

        When your title says "Here's" (Here is), one would think that you are presenting it, but you didn't. (ex. "Here's the remote, I found it") If you know of a place that has it, why not share it with everyone instead of just stating its existence.
        Answering easy questions since 1987
        Si Dieu est pour moi, qui peut ĂȘtre contre moi?

        Comment


        • #5
          Originally posted by zadok0552
          It's all over the net.
          Defcon should have a copy, then.
          It may be out there, but some of the organizers of DefCon also organize and work with BH, and after reading the following, you can probably not expect official BlackHat or DefCon sites to offer this document.

          Yes, it appears to be out there, but don't expect to see it served here any time soon.

          Comment


          • #6
            Originally posted by TheCotMan
            Yes, it appears to be out there, but don't expect to see it served here any time soon.
            I've been unable to find it, alas my google-foo is lacking. Must ask though. By the above quote are you implying you guys (the mods/admins) would delete/edit any links to the information or just that it will be a while before it shows up in public circulation?
            -zac
            %54%68%69%73%20%69%73%20%6E%6F%74%20%68%65%78

            Comment


            • #7
              Originally posted by pr0zac0x2a
              I've been unable to find it, alas my google-foo is lacking. Must ask though. By the above quote are you implying you guys (the mods/admins) would delete/edit any links to the information or just that it will be a while before it shows up in public circulation?
              -zac
              My google-fu worked.

              There are not many mods active ATM, and we do not have any official capacity to state what will be done and we have no word on what should be done.

              However, to be safe, please do not post links* to the PDF file that has been served out there from at least one news article about Cisco ISS and "michael lynn". To link to such an article might put us in an difficult place. :-/ Even a link to a search might be bad.

              Thanks,

              * Unless there is official word on it being OK handed down from the powers that be.

              Side notes to the above:
              I do not like Censorship, but what is worse? Loss of forums if Cisco required them to be down for evidence because of the reported restraining order, or future court case, or censorship of links to this one pdf?

              These are rhetorical questions.... And I do not need any rhetorical answers. ;-)

              Comment


              • #8
                Originally posted by TheCotMan
                My google-fu worked.

                There are not many mods active ATM, and we do not have any official capacity to state what will be done and we have no word on what should be done.

                However, to be safe, please do not post links* to the PDF file that has been served out there from at least one news article about Cisco ISS and "michael lynn". To link to such an article might put us in an difficult place. :-/ Even a link to a search might be bad.

                Thanks,

                * Unless there is official word on it being OK handed down from the powers that be.

                Side notes to the above:
                I do not like Censorship, but what is worse? Loss of forums if Cisco required them to be down for evidence because of the reported restraining order, or future court case, or censorship of links to this one pdf?

                These are rhetorical questions.... And I do not need any rhetorical answers. ;-)

                Understandable, no reason to unnecessarily get in the middle of someone else's battle. You are right however, 15 more minutes of looking and its now downloading. Anyone who really wants it can get it. Interested to see if this information is as volatile as Cisco is implying.

                -zac
                %54%68%69%73%20%69%73%20%6E%6F%74%20%68%65%78

                Comment


                • #9
                  I am still researching to find out all of the info before I can form a legitimate opinion, but here is another good article to add to the list.
                  In a world without walls and fences, who needs Windows and Gates?

                  Comment


                  • #10
                    This article was very entertaining. It cleared up a few misconceptions that I had generated from other media source.
                    if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

                    Comment


                    • #11
                      Copy of his presentation here -

                      Copy of the nine page fax from IOS's lawyers for cease and desist - www.usisucks.com/lynn-lawyers.pdf

                      I will keep the file up as long as I can.
                      Last edited by octalpus; August 3, 2005, 04:29.
                      strangle me with your never-ending optimism...

                      Comment


                      • #12
                        Originally posted by usisucks
                        Copy of his presentation here -

                        Copy of the nine page fax from IOS's lawyers for cease and desist - www.usisucks.com/lynn-lawyers.pdf

                        I will keep the file up as long as I can.

                        As mentioned by other mods earlier in the thread, we cannot be linking to that presentation. Feel free to post articles and other supporting evidence, but if anyone wants the materials, they're gonna have to google. It's not hard to find.
                        the fresh princess of 1338

                        What did I do to make you think I give a shit?

                        Comment


                        • #13
                          Originally posted by octalpus
                          Feel free to post articles and other supporting evidence, but if anyone wants the materials, they're gonna have to google. It's not hard to find.
                          http://www.wired.com/news/politics/0...w=wn_tophead_3

                          Comment


                          • #14
                            Video Clips

                            Here's a link to a video clip of some Cisco employees tearing pages out of the Blackhat manuals. I found it rather amusing,

                            http://downloads.oreilly.com/make/cisco.mov
                            jur1st, esq.

                            Comment


                            • #15
                              So we can't link to it....

                              But am i allowed to say where it might be found, especially as a presenter whom I shall not name said so at Defcon?

                              If I were to say that a good place to look for clues was a CRYPTOgraphy site that made ME happy?
                              ACBRNYFPGTFOFMSE...what if I wrote it in code where you look at every second letter?

                              .............................
                              It says press Any key...
                              *blink*
                              but which one's the any key?!

                              Comment

                              Working...
                              X