[75121] in North American Network Operators' Group
Light Reading: PIX Source Code For Sale
daemon@ATHENA.MIT.EDU (frank@dticonsulting.com)
Fri Nov 5 08:43:43 2004
From: <frank@dticonsulting.com>
To: cidr-report@potaroo.net
Date: Fri, 05 Nov 2004 07:43:05 -0600
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
Black Market Offers Cisco's PIX [Firewall Source Code]

NOVEMBER 05, 2004

Source code for Cisco Systems Inc.'s (Nasdaq: CSCO) PIX firewall is up for sale. Too bad it's not Cisco doing the selling.

An underground group known as the Source Code Collective is offering PIX version 6.3.1 for $24,000, according to a newsletter posted by the group to Usenet on Halloween.

Little is known about SCC. The group debuted in July with an offer to sell source code from Enterasys Networks Inc.'s (NYSE: ETS) Dragon Intrusion Defense System for $16,000 as well as Napster server and client source code for $10,000. Those prices have since gone up to $19,200 and $12,000, according to the recent newsletter.

Those aren't the only companies in SCC's sights. The newsletter claims the group has virtual reams of source code to sell, but a full list is only available to previous buyers. "If you are requesting something from a Fortune 100 company, there is a good chance that we might already have it," the newsletter says. SCC even takes requests, supposedly assigning a team of hackers to retrieve source code for a price.

The newsletters are posted by someone calling himself "Larry Hobbles" with an email address registered to a South African domain. SCC originally did its selling through a Web site registered to a Ukrainian domain -- they're a very cosmopolitan crew -- but had to drop that business model, citing concerns from customers. SCC now communicates with customers through email and Usenet only.

To allay concerns of authenticity, SCC is willing to sell its code in chunks, allowing the customer to verify that the product appears genuine before purchasing the whole thing.

The PIX sale is Cisco's second significant source-code scandal this year. In May, hackers claimed to have stolen the code for one version of the company's Internetwork Operating System (IOS) and posted part of the bounty on a Russian Web site. A British man was arrested in September, but few other details of the investigation have emerged. (See Cisco's IOS Code 'Compromised' and Cisco Code Hacker Arrested.)

-- Craig Matsumoto, Senior Editor, Light Reading

http://www.lightreading.com/document.asp?site=lightreading&doc_id=62317

---------------------------------------------------------------

frank@fttx.org