Re: Holy Grail

[John Kinsella <jlk () thrashyour com>]

Saying that this is IPv6 only is misleading.  The point of Mike's talk
was to show that buffer overflows do more than DOS or reset a Cisco box,
but they can actually be exploited like most things we learn about every
Patch Tuesday.

In the example he used in the talk, he showed off an exploit that took
advantage of a buffer overflow in the IPv6 code, but patching that one
bug does not mean you'll never see this type of exploit again.

Yes, any vendor big or small should realize that if they try to hide
things instead of fixing them and owning up, it's just a matter of time
until we find it for ourselves, and maybe next time the researcher will
be a black hat, also playing secret like Cisco.  

Imagine the PR bruise that will cause.

John

On Fri, Aug 12, 2005 at 12:33:40PM -0400, J. Oquendo wrote:
> Purpose for posting it was, after reading it, there is not enough in my
> opinion to warrant a nuclear lock down on this information. I did this to
> sort of prove a point to those in the industry: "Stop letting vendors sell
> you short." As an engineer they've (Cisco) shortchanged clients using
> their equipment. If it's IPv6 based only, and not that big of a threat,
> then they should see no problem with the information being released.
>
> Before anyone decides to send in legal hounds, take note this is
> searchable via Google... 5 minutes tops with over 100+ sites listing the
> PDF. Sorry Cisco.
>
> On Fri, 12 Aug 2005, Gadi Evron wrote:
>
> > J. Oquendo wrote:
> > > www.infiltrated.net/cisco/holygrail.pdf
> >
> > I find it rather funny, really.
> >
> > Back in defcon, everybody was trading the presentation quietly and eagerly.
> >
> > Then every kiddie started asking if anyone wants it.
> >
> > Then we all got URL's to download it from.
> >
> > Then there was another pass of "psst, want the Lynn presentation?"
> >
> > And eventually, there was a CD placed on every table at defcon with the
> > presentation.
> >
> > Seeing big-time secret-handshake groups take this with a whisper and a
> > "if I know you, email me and I might share it" was a bit silly.
> >
> > Once again every Bad Guy in town had it and the Good Guys didn't want to
> > share under different excuses, some good, some sad.
> >
> > I find that sharing the presentation openly on NANOG is a bit of a bad
> > move because of how some may perceive it and you, but it has become
> > completely silly not to do it. So I ask that people reserve judgment.. I
> > was very tempted to do it myself.
> >
> >       Gadi.
>
>
>
>
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> GPG Key ID 0x97B43D89
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89
>
> To conquer the enemy without resorting to war is the most
> desirable.  The highest form of generalship is to conquer
> the enemy by strategy." - Sun Tzu