Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Many of you have probably heard about Michael Lynn, the ISS employee who figured out how to get a remote shell on a Cisco router using both buffer overflow attacks and heap overflow attacks. Cisco has worked hard to suppress this information. Lynn was scheduled to give a presentation at DEFCON, the hacker convention. Cisco sent temporary workers to the presentation to cut out Lynn’s presentation from the conference book and seize all of the CDROMs his the presentation.

Lynn ended up giving his presentation anyway, much to Cisco’s chagrin. A copy of Lynn’s presentation leaked onto infowarrior.org website, but Cisco’s attorneys sent the website a cease-and-desist letter forcing them to take it down.

Well, you can get a copy of the Lynn presentation now from the Cryptome website. And let me tell you, it’s worth reading. It has enough details to make it clear why Cisco has been free of these kinds of exploits for so long, and also to make it clear that Cisco’s rein as a relatively hack-free operating system is now over.

Cryptome has a long history of posting relatively objectionable information that other people would like to keep secret. It will be interesting to see how long they can hold off Cisco’s attack dogs.

Michael Lynn: Cisco IOS Shellcode (PDF)

Cisco Security Advisory on IOS Exploit

Comments on the Lynn Cisco Presentation

Enjoy!

0 comments about this story. Start the discussion »

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me