From: Muhammad Saleem (msaleems@gmail.com)
Date: Sat Aug 06 2005 - 03:03:40 GMT-3
http://www.ccie4u.com/lynn-cisco.pdf
complete presentation is available through this link
----- Original Message -----
From: "Bill Creighton (wcreight)" <wcreight@cisco.com>
To: <cisco@groupstudy.com>
Sent: Saturday, August 06, 2005 12:00 AM
Subject: RE: New - Cisco IOS Vulnerability [7:101411]
> Possible, though unlikely since I hit the site immediately after the
> post, and there have subsequent posts stating the same.
> Not to mention the origin address - sales@x.com
>
> There are still several sites with the content of the presentation,
> including interesting posts from Mike Lynn on the topic...
>
> I agree that some sites still have the info - including a .mov video of
> the presentation...
>
>> -----Original Message-----
>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]
>> Sent: Friday, August 05, 2005 3:03 PM
>> To: cisco@groupstudy.com
>> Subject: RE: New - Cisco IOS Vulnerability [7:101411]
>>
>> Bill Creighton (wcreight) wrote:
>> >
>> > You're not going to find a pdf - it seems to be a poorly
>> crafted sales
>>
>> A more likely explanation is that they had it at their site
>> at one point but then they got scared of what cisco would do
>> to them and took it down. The pdf popped up and then
>> disappeared at many sites. I saved the pdf right away,
>> suspecting this would happen.
>>
>> Priscilla
>>
>>
>> > ploy - it will get you to their site and whoever is sending
>> on behalf
>> > of sales@ccie4u.com is hoping you'll stick around and shop
>> - must be
>> > lean times these days for the ol' ccie4u.com...
>> >
>> > > -----Original Message-----
>> > > From: nobody@groupstudy.com
>> [mailto:nobody@groupstudy.com] On Behalf
>> > > Of sales
>> > > Sent: Wednesday, August 03, 2005 10:39 AM
>> > > To: cisco@groupstudy.com
>> > > Subject: RE: New - Cisco IOS Vulnerability [7:101411]
>> > >
>> > >
>> > > -----Original Message-----
>> > > From: nobody@groupstudy.com
>> [mailto:nobody@groupstudy.com] On Behalf
>> > > Of Manoj koshti
>> > > Sent: Sunday, July 31, 2005 12:41 AM
>> > > To: cisco@groupstudy.com
>> > > Subject: RE: New - Cisco IOS Vulnerability [7:101411]
>> > >
>> > > I do see any pdf on ccie4u ?
>> > > Thanks
>> > > -Manoj
>> > >
>> > > sales wrote:
>> > > Pdf of the lynn presentation available many places including
>> > > www.ccie4u.com/scenarios
>> > >
>> > >
>> > > -----Original Message-----
>> > > From: nobody@groupstudy.com
>> [mailto:nobody@groupstudy.com] On Behalf
>> > > Of Wojtek Zlobicki
>> > > Sent: Friday, July 29, 2005 11:05 PM
>> > > To: cisco@groupstudy.com
>> > > Subject: Re: New - Cisco IOS Vulnerability [7:101411]
>> > >
>> > > This article gives some insight [if real], I still can't
>> find a copy
>> > > of that full pdf presentation
>> > >
>> > > http://www.tomsnetworking.com/Sections-article131-page1.php
>> > >
>> > >
>> > > On 7/29/05, James Willard wrote:
>> > > > I saw this article about it. It's light on the details, but
>> > > does give
>> > > > a
>> > > good
>> > > > amount of information about the situation..
>> > > >
>> > > >
>> > > >
>> > > >
>> > > >
>> > > >
>> > > >
>> > > >
>> > > http://www.datamonitor.com/~6c0cbe7aa390442cbcf6fa2f59959a37~/
>> > industries/new
>> > > >
>> > s/article/?pid=B4177845-FC40-4327-9A17-5E1634C908B2&type=NewsWire
>> > > >
>> > > > James Willard
>> > > > james@whispering.org
>> > > >
>> > > >
>> > > > -----Original Message-----
>> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]
>> > > On Behalf
>> > > > Of McDonald Richards
>> > > > Sent: Friday, July 29, 2005 5:26 PM
>> > > > To: cisco@groupstudy.com
>> > > > Subject: RE: New - Cisco IOS Vulnerability [7:101411]
>> > > >
>> > > > In an article I read yesterday (on theregister.co.uk IIRC)
>> > > it quoted
>> > > > Cisco claiming that they believe his research was performed
>> > > by reverse
>> > > engineering
>> > > > the stolen IOS source code that was leaked last year.
>> > > >
>> > > >
>> > > >
>> > > > -----Original Message-----
>> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]
>> > > > Sent: Saturday, July 30, 2005 4:07 AM
>> > > > To: cisco@groupstudy.com
>> > > > Subject: RE: New - Cisco IOS Vulnerability [7:101411]
>> > > >
>> > > > Bill Creighton (wcreight) wrote:
>> > > > >
>> > > > > The PSIRT was issued today on CCO:
>> > > > >
>> > > > >
>> > >
>> > http://www.cisco.com/en/US/products/products_security_advisory09186a
>> > > > > 00
>> > > > > 80
>> > > > > 4d82c9.shtml
>> > > >
>> > > > That IPv6 vulnerability is it? I thought the issue was
>> > > broader, having
>> > > > to
>> > > do
>> > > > with the ability to exceute code in general.
>> > > > >
>> > > > > I don't work in legal, but it has broad implications and
>> > > > > historically Cisco is very aggressive about not having
>> > > > > holes/exploits made widely known until they can make the
>> > > fix public.
>> > > >
>> > > > I think the fix is well-known and public and has been for a
>> > while?
>> > > > (Get an updated IOS.)
>> > > >
>> > > > I still say that something doesn't quite add up. I think
>> > > the security
>> > > expert
>> > > > used proprietary info or something.
>> > > >
>> > > > OK, off to read that info that Max posted. It may have more
>> > of the
>> > > > "real story." Thanks.
>> > > >
>> > > > Priscilla
>> > > >
>> > > > > Makes sense, why
>> > > > > would you
>> > > > > want casual hackers attempting to initiate DDOS attacks,
>> > or other
>> > > > > exploits - many wouldn't have known the issue existed
>> > > until hearing
>> > > > > of it at the conference... Gives the holders of the keys
>> > > a chance to
>> > > > > change the locks...
>> > > > >
>> > > > > -Bill
>> > > > >
>> > > > > > -----Original Message-----
>> > > > > > From: nobody@groupstudy.com
>> > [mailto:nobody@groupstudy.com]
>> > > > > > Sent: Friday, July 29, 2005 1:18 PM
>> > > > > > To: cisco@groupstudy.com
>> > > > > > Subject: Re: New - Cisco IOS Vulnerability [7:101411]
>> > > > > >
>> > > > > > Brad Dodds wrote:
>> > > > > > >
>> > > > > > > I am interested to know more about why a federal
>> > > > > > restraining order was
>> > > > > > > placed on this individual (Mike Lynn).
>> > > > > > > Can you enlighten or elaborate?
>> > > > > >
>> > > > > > Lots of buzz about this.
>> > > > > >
>> > > > > > LAS VEGAS -- Networking giant Cisco and security
>> > > company Internet
>> > > > > > Security Systems (ISS) filed for a temporary
>> > > restraining order on
>> > > > > > Wednesday against the management of the Black Hat
>> > > Conference and a
>> > > > > > security expert (Mike Lynn) who told conference
>> > attendees that
>> > > > > > attackers can broadly compromise Cisco routers.
>> > > > > >
>> > > > > > More here:
>> > > > > >
>> > > > > > http://www.securityfocus.com/news/11259
>> > > > > >
>> > > > > > I believe that these weren't new vulnerabilities but
>> > rather new
>> > > > > > exploits that he discussed. It's weird that Cisco
>> > > reacted the way
>> > > > > > that they did.
>> > > > > > There's more to the story that hasn't come out yet, I
>> > suspect.
>> > > > > >
>> > > > > > Priscilla
>> > > > > >
>> > > > > >
>> > > > > > >
>> > > > > > >
>> > > > > > > ""Derek Casanares"" wrote in message
>> > > > > > > news:200507291221.j6TCL6eI010215@groupstudy.com...
>> > > > > > > > The power of money and politics.
>> > > > > > > >
>> > > > > > > > Derek -
>> > > > > > > >
>> > > > > > > > David Ristau wrote:
>> > > > > > > > Boy that was a can of worms, huh? With the Cisco,
>> > ISS,
>> > > > > > > blackhat
>> > > > > > > > conference,
>> > > > > > > > Mike Lynn and the Federal restraining order now put
>> > on
>> > > > > him.
>> > > > > > > Whew!
>> > > > > > > > Best regards,
>> > > > > > > >
>> > > > > > > > Derek Casanares
>> > > > > > > > DerekCasanares@yahoo.com
>> > > > > > > > (281) 698-1113 (voicemail)
>> > > --
>> > > ----------------------------------------
>> > > wojtek.zlobicki@gmail.com
>> > > __________________________________________________
>> > > Do You Yahoo!?
>> > > Tired of spam? Yahoo! Mail has the best spam protection around
>> > > http://mail.yahoo.com
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:18 GMT-3