- TalkBack 1 of 11:
- Next »
- Thread View
- Flat View
- Would you hire ISS for security advice?
-
" The companies went to court seeking a gag order against Lynn and the Black Hat organizers. "
ISS are really damaging their own reputation here.
Here, from ISS website:
"Internet Security Systems (ISS) has served as the trusted security advisor to global enterprises and world governments for over a decade."
So if I was a government agency and I found out that ISS knew about a security hole in Cisco routers, that Cisco were told about in April and didn't properly correct it. That ISS colluded with Cisco in keeping this information secret....I don't think I would seek advice from these guys do you?
What he did was correct. A crap lock is a crap lock is a crap lock. Pretending a crap lock is really a good lock and hoping the thieves will be fooled is no security.
http://www.boingboing.net/2005/07/27/security_researcher_.html
"In the latest case, ISS and Lynn contacted Cisco in April to report their process for using a vulnerability in IOS to run a program on a Cisco router. The networking fixed the vulnerability in the operating system, but did nothing to prevent attackers from running programs on the devices using the broad techniques Lynn described, the researcher said.
"During his presentation, Lynn outlined an eight step process using any known, but unpatched flaw, to compromise a Cisco IOS-based router. While he did not publish any vulnerabilities, Lynn said that finding new flaws would not be hard... " - Posted by: Nigel Johnstone Posted on: 07/29/05 You are currently: a Guest | Members login | Terms of Use
Would you hire ISS for security advice?
Nigel Johnstone | 07/29/05
|
Oh and don't buy Cisco Routers either
Nigel Johnstone | 07/29/05
|
Overly simplified.
ShadeTree | 07/29/05
|
Then CISCO+ISS should be liable
Nigel Johnstone | 07/29/05
|
|
I think what is meant is...
John L. Ries | 07/29/05
|
|
Hmmm...
zkiwi | 07/29/05
|
|
No, the concealment is the issue
Nigel Johnstone | 07/29/05
|
|
Oh?
zkiwi | 07/29/05
|
|
They had better be the only culprit
Nigel Johnstone | 07/29/05
|
|
What Cisco tried to suppress was how ...
ShadeTree | 07/29/05
|
|
Shadetree, from CISCO own comments
Nigel Johnstone | 07/29/05
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now
- Get top-ranked Novell support for Red Hat at 50% less Novell A simplified IT environment isn't just less complex, it's more reliable. ... Download Now
- Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
Enterprise Applications
- Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
- New Online Dashboard
-
- Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline
-
