[82816] in North American Network Operators' Group
RE: Boing Boing: Michael Lynn's controversial Cisco security presentation
daemon@ATHENA.MIT.EDU (Buhrmaster, Gary)
Fri Jul 29 11:57:12 2005
Date: Fri, 29 Jul 2005 08:56:40 -0700
From: "Buhrmaster, Gary" <gtb@slac.stanford.edu>
To: "Fergie (Paul Ferguson)" <fergdawg@netzero.net>,
<nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
Would this not be a great way to infect thousands of
network operations systems due to a PDF exploit? It
is like "free beer" to many network operators, they
just *have* to consume it. One could take control
of the "network" by taking control of the systems
of the people operating it and silently watch
for the passwords, names, ip addresses that will
enable one to take control later.
I know, I am just being paranoid. There has never
been an exploitable PDF exploit. Oh, wait, there
has been :-)
One has to admit it would be one hell of a
combined social engineering and technical
exploit if it could be pulled off.
Gary
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On=20
> Behalf Of Fergie (Paul Ferguson)
> Sent: Friday, July 29, 2005 7:19 AM
> To: nanog@merit.edu
> Subject: Boing Boing: Michael Lynn's controversial Cisco=20
> security presentation=20
>=20
>=20
>=20
> Over on Boing Boing:
>=20
> [snip]
>=20
> Here's a PDF that purports to be Michael Lynn's presentation=20
> on Cisco's critical vulnerabilities ("The Holy Grail: Cisco=20
> IOS Shellcode And Exploitation Techniques"), delivered at=20
> last week's Black Hat conference. Lynn's employer, ISS,=20
> wouldn't let him deliver the talk (they'd been leant on by=20
> Cisco), so Lynn quit his job, walked onstage and delivered it=20
> anyway. (See yesterday's post and Scheneier's take for more).=20
> 1.9MB PDF Link
>=20
> [snip]
>=20
> http://www.boingboing.net/2005/07/29/michael_lynns_contro.html
>=20
> I think these guys better prepare for the "slashdot effect"...
>=20
> :-)
>=20
> - ferg
>=20
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg@netzero.net or fergdawg@sbcglobal.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>=20
