Michael Lynn Slides Available

Many of you have probably heard about Michael Lynn, the ISS employee who figured out how to get a remote shell on a Cisco router using both buffer overflow attacks and heap overflow attacks. Cisco has worked hard to suppress this information. Lynn was scheduled to give a presentation at DEFCON, the hacker convention. Cisco sent temporary workers to the presentation to cut out Lynn’s presentation from the conference book and seize all of the CDROMs his the presentation.

Lynn ended up giving his presentation anyway, much to Cisco’s chagrin. A copy of Lynn’s presentation leaked onto infowarrior.org website, but Cisco’s attorneys sent the website a cease-and-desist letter forcing them to take it down.

Well, you can get a copy of the Lynn presentation now from the Cryptome website. And let me tell you, it’s worth reading. It has enough details to make it clear why Cisco has been free of these kinds of exploits for so long, and also to make it clear that Cisco’s rein as a relatively hack-free operating system is now over.

Cryptome has a long history of posting relatively objectionable information that other people would like to keep secret. It will be interesting to see how long they can hold off Cisco’s attack dogs.

Michael Lynn: Cisco IOS Shellcode (PDF)

Cisco Security Advisory on IOS Exploit

Comments on the Lynn Cisco Presentation

Enjoy!