Dailydave mailing list archives
RE: Lynn / Cisco shellcode
From: surreal () delusory org
Date: Fri, 29 Jul 2005 07:57:11 -0700
Mike stated clearly and more than once that he didn't have access to source. You can choose to believe whatever you want, and unfortunately, there's no record to refute all the BS out now. He mentioned that the source *had* been stolen twice in recent history, but he didn't have any source code. He also explained how you can google up instructions (in Chinese) on hooking a debugger to the router, and how handy the 'dump memory' command is - he asked if anyone had legitimately used "dump memory" in their work and one (1) person in the audience raised his hand. It's unfortunate that the talk has been censored out of existence. He had generally complimentary things to say about Cisco coders and ISS, and nothing you could walk away with and 0wn the internet without months of work *and* a time machine. Well, he touched on how Cisco is poised to lower the bar for future attackers by virtualizing the ... (memory error) so that all offsets will be identical across their hardware line; that doesn't bode well. If people could watch the video and see what he *actually* said and did, they'd chill. I gotta go stand in line in the heat now ;-) Surreal
From: "Thor Larholm" <thor () pivx com>While Lynn worked at ISS he was doing a source code analysis forCisco.uh, no he didn't. where did you pull this idea from?From the press, from the rumour mill, from everybody who was actuallytalking about it. It made a lot of sense that Lynn would have done a source code analysis and thus simply have broken his NDA. I choose to believe this as it would mean Cisco and ISS were not trying to silence security research, especially considering that the people attending the show did not talk about any new vulnerabilities being disclosed, just OIS system internals. In other words, I'm giving you the benefit of doubt, trusting that you simply handled the press situation badly. Cisco and ISS didn't talk about any specifics, but I would love to hear you explain what actually happened. Or at least point us to copies of the lawsuit. We're all just curious about what could necessitate the need for silence. Regards Thor Larholm Senior Security Researcher PivX Solutions 23 Corporate Plaza #280 Newport Beach, CA 92660 http://www.pivx.com thor () pivx com Stock symbol: (PIVX.OB) Phone: +1 (949) 231-8496 PGP: 0x4207AEE9 B5AB D1A4 D4FD 5731 89D6 20CD 5BDB 3D99 4207 AEE9 PivX defines a new genre in Desktop Security: Proactive Threat Mitigation. <http://www.pivx.com/qwikfix> _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: Lynn / Cisco shellcode, (continued)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 28)
- Re: Lynn / Cisco shellcode Michael Silk (Jul 28)
- Re: Lynn / Cisco shellcode Michael J Freeman (Jul 28)
- Re: Lynn / Cisco shellcode Pukhraj Singh (Jul 29)
- RE: Lynn / Cisco shellcode Todd Towles (Jul 28)
- RE: Lynn / Cisco shellcode Dowd, Mark (ISS Atlanta) (Jul 28)
- RE: Lynn / Cisco shellcode Dennis Cox (Jul 28)
- RE: Lynn / Cisco shellcode Dennis Cox (Jul 28)
- RE: Lynn / Cisco shellcode Michael J Freeman (Jul 28)
- RE: Lynn / Cisco shellcode Thor Larholm (Jul 29)
- RE: Lynn / Cisco shellcode surreal (Jul 29)
- Re: Lynn / Cisco shellcode Ron Guerin (Jul 29)
- Re: Lynn / Cisco shellcode Anthony Zboralski (Jul 29)
- Re: Lynn / Cisco shellcode Thor Larholm (Jul 29)
- RE: Lynn / Cisco shellcode surreal (Jul 29)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 30)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 30)
- Re: Lynn / Cisco shellcode Nicholas Cross (Aug 01)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 30)