[July 28, 2005]

Cisco Seeks to Quiet Software Flaw Talk

By MATTHEW FORDAHL
AP Technology Writer

SAN JOSE, Calif. (AP) -- Cisco Systems Inc. and a computer security firm ordered pages torn out of a conference's binders and even turned to the courts in an attempt to squelch a researcher's speech on flaws in software that routes data over the Internet. The researcher, Michael Lynn, would not be silenced.

He quit his job and gave a presentation anyway on the potential vulnerability of equipment from the world's largest maker of network routers and switches. Now, Lynn faces legal trouble and the companies -- and security flaw -- are reaping a whirlwind of undesired publicity.

The incident at this week's Black Hat conference in Las Vegas raises the issue of when to go public with a security problem. Security firms and computer vendors generally agree to do so when there's a patch -- or fix -- available.

But it's not always so simple. In the latest case, Lynn and other researchers at Internet Security Systems Inc. discovered a technique that could allow someone to seize control of a Cisco router by exploiting a vulnerability in its operating system.

That flaw was patched in April, but it's possible that the same technique could be used to exploit other vulnerabilities in Cisco routers. Cisco and ISS said they decided to pull out of the talk because the research was premature.

Lynn, who quit his job at Atlanta-based ISS hours before he was scheduled to speak, apparently felt the issue was serious enough to talk about with fellow researchers at the Black Hat conference.

Lynn did not immediately return messages for comment on Thursday.

On Wednesday, he told attendees he had an obligation to report his findings.

"I feel I had to do what's right for the country and the national infrastructure," he said, according to the Web site SecurityFocus.com. "It has been confirmed that bad people are working on this. The right thing to do here is to make sure that everyone knows that it's vulnerable."

And that's the point of the Black Hat conference, said organizer Jeff Moss. The event attracts thousands of computer security experts from business, academia and government.

"The point of the talk was to demonstrate there's a problem -- that you need to update all your software as soon as you can because of these types of problems," said Moss. "It wasn't a roadmap to world destruction."

After the presentation, Cisco and ISS obtained an order from a federal judge in San Francisco forbidding further discussion of the problem. In a court document, the companies claim Lynn illegally reverse-engineered Cisco's source code.

Cisco said it encourages independent research into security but added the company follows standard procedures for disclosure.

"We feel strongly that Mike Lynn's presentation was presented prematurely and did not follow proper industry disclosure rules," the company said in a statement released by spokeswoman Mojgan Khalili.

Chris Rouland, chief technology officer at ISS, said his company and Cisco agreed that the research was premature.

Rouland also said Cisco did not pressure ISS into canceling the presentation that both companies were to have delivered together.

"We decided it would be in everyone's interest to further research the issue and defer it to another security conference," he said.

It's not clear why the decision was made only a few days before the conference was to begin. Moss said ISS first contacted Black Hat several weeks ago about the possibility of pulling presentation material from the handouts given to every attendee.

Until last week, ISS never followed through with a request to actually remove the material.

That changed this week when Cisco and ISS hired a team of temporary workers to yank about 20 pages from thousands of conference binders and replace compact discs with presentation materials.

"The speech had been vetted like two or three times through ISS's PR department. Everything was great, and ISS was contacting the media telling them to come see this talk," Moss said. "Then last Thursday or last Friday there was a total about-face on ISS's part."
