- TalkBack 1 of 11:
- Next »
- Thread View
- Flat View
- Would you hire ISS for security advice?
-
" The companies went to court seeking a gag order against Lynn and the Black Hat organizers. "
ISS are really damaging their own reputation here.
Here, from ISS website:
"Internet Security Systems (ISS) has served as the trusted security advisor to global enterprises and world governments for over a decade."
So if I was a government agency and I found out that ISS knew about a security hole in Cisco routers, that Cisco were told about in April and didn't properly correct it. That ISS colluded with Cisco in keeping this information secret....I don't think I would seek advice from these guys do you?
What he did was correct. A crap lock is a crap lock is a crap lock. Pretending a crap lock is really a good lock and hoping the thieves will be fooled is no security.
http://www.boingboing.net/2005/07/27/security_researcher_.html
"In the latest case, ISS and Lynn contacted Cisco in April to report their process for using a vulnerability in IOS to run a program on a Cisco router. The networking fixed the vulnerability in the operating system, but did nothing to prevent attackers from running programs on the devices using the broad techniques Lynn described, the researcher said.
"During his presentation, Lynn outlined an eight step process using any known, but unpatched flaw, to compromise a Cisco IOS-based router. While he did not publish any vulnerabilities, Lynn said that finding new flaws would not be hard... " - Posted by: Nigel Johnstone Posted on: 07/29/05 You are currently: a Guest | Members login | Terms of Use
Would you hire ISS for security advice?
Nigel Johnstone | 07/29/05
|
Oh and don't buy Cisco Routers either
Nigel Johnstone | 07/29/05
|
Overly simplified.
ShadeTree | 07/29/05
|
Then CISCO+ISS should be liable
Nigel Johnstone | 07/29/05
|
|
I think what is meant is...
John L. Ries | 07/29/05
|
|
Hmmm...
zkiwi | 07/29/05
|
|
No, the concealment is the issue
Nigel Johnstone | 07/29/05
|
|
Oh?
zkiwi | 07/29/05
|
|
They had better be the only culprit
Nigel Johnstone | 07/29/05
|
|
What Cisco tried to suppress was how ...
ShadeTree | 07/29/05
|
|
Shadetree, from CISCO own comments
Nigel Johnstone | 07/29/05
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
- Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
- SOA for Dummies 2nd IBM Limited Edition Mini eBook IBM Learn the basics of SOA by following 7 real-life companies as they experience the truly game-changing effects of this important technology initiative. Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
- Save time with automated shipping solutions
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Visit the UPS Business Essentials Guide
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
