Educause Security Discussion mailing list archives
Re: furor over Cisco IOS router exploit erupts at Black Hat
From: Randy Marchany <marchany () VT EDU>
Date: Thu, 28 Jul 2005 16:32:50 -0400
Based upon Cisco's reaction, I'm rather concerned about this material that
has >been shared with the hacker community. While I completely agree with Cisco's reaction to this, let's not forget a couple of things: 1. Black Hat is NOT the only venue that hackers use to exchange info. 2. By the time it gets to Black Hat, it's been in the "underground" hacker forums for quite some time. The word was out already. This wasn't a "i just discovered this hole the day before Black Hat!" situation. Black Hat is like any other conference nowadays --- you have submission deadlines in advance of the event. So, we're talking a 2-6 month window where the exploit was known already. 3. Would we have heard of the problem any earlier if it hadn't been for the flap over this disclosure? -r.
Current thread:
- furor over Cisco IOS router exploit erupts at Black Hat Scott Genung (Jul 28)
- <Possible follow-ups>
- Re: furor over Cisco IOS router exploit erupts at Black Hat Randy Marchany (Jul 28)
- Re: furor over Cisco IOS router exploit erupts at Black Hat Parker, Ron (Jul 28)
- Re: furor over Cisco IOS router exploit erupts at Black Hat Steve Bernard (Jul 28)
- Re: furor over Cisco IOS router exploit erupts at Black Hat Matthew Keller (Jul 29)