Re: CiSCO IOS 12.* source code stolen
On Tue, 18 May 2004, Alexei Roudnev wrote: > May be, it is a good idea - to release old (say, 10.0) IOS sources for the > colleges. It will allow them to practice in the hardware design > amd protocol implementation, using solid base of Cisco IOS. Or hand it over to the OpenBSD guys so they can just port to Cisco hardware. :) Charles > Even old, 10.0 IOS, is enough for this purpose. > > > > > > Hi, > > > > > > What makes me excited at this news is, is there a chance to learn > details of IOS > > which may be one of most successful protocol implementations. And, if such > code is > > available to both college and engineers it will surelly do good to our > life. > > > > So, I'll be glad to see the releasing of those codes as what happened to > Microsoft. > > > > Joe > > > > > > > > >Some years ago I was arguing with my then department head (whom I have > > >the greatest respect for, it should be said) at Cisco that IOS should > > >be turned open source. Needless to say, the suggestion was met with > > >"some" resistance, mildly speaking. > > > > > > > > > > Msg sent via Spymac Mail - http://www.spymac.com >
Re: CiSCO IOS 12.* source code stolen
On Tue, 2004-05-18 at 20:14, Alexei Roudnev wrote: > I am sure, that people over-estimates benefits of object-orienting and > modular software. Cisco IOS is a very good example of old fashioned, VERY > SOLID software. > If it was written on C++ with templates and other tricks, it will have 10 > times more bugs (good example - MS Windows, full of small bugs, which are > not so important in GUI software but are fatal for the router). Every software has bugs and I think that IOS is a great example of it ;) > It is not an occasion, that Cisco did not release modular IOS yet. Of > course, you _must_ know, how to program on plain C and plain F77, instead of > knowing only VC wizard > and GUI studio (the worst thing I ever saw was old MS visual studio). So, it > can be very useful.. > > (It does not mean, that object orienting programming is bad - it is just one > more solid programming approach, tool - but it is not the only tool in the > world.) As you cut away my message you probably didn't read it correctly as I have not mentioned object-orientation nor C++ or anything related in any way. "Cutting into pieces and keeping things seperate" is another way to describe modularisation. It is also one of the things where many UNIX kernels have a problem with where everything is sticking to everything and having a relation with each other. But that is of course a mentality and design issue in picking a nano- over a micro- or over a monolithic kernel. General thought about design issues have changed a lot and will always be changing, that is what we call evolution ;) This still has nothing to do with C++ or Visual anything, also trying to go into the "MS makes bad code" direction is really lame, every single vendor makes mistakes and most of them also fix them, some are just more popular and in common use than others and thus they get noticed better. Every tool has it's own purpose, you will just have to use the right tool or just an even bigger hammer. In the IOS case though even the biggest hammer isn't good enough to slam it into something good ;) But that is why Cisco evolved to the new IOX thingy. ;) Greets, Jeroen signature.asc Description: This is a digitally signed message part
Re: CiSCO IOS 12.* source code stolen
I am sure, that people over-estimates benefits of object-orienting and modular software. Cisco IOS is a very good example of old fashioned, VERY SOLID software. If it was written on C++ with templates and other tricks, it will have 10 times more bugs (good example - MS Windows, full of small bugs, which are not so important in GUI software but are fatal for the router). It is not an occasion, that Cisco did not release modular IOS yet. Of course, you _must_ know, how to program on plain C and plain F77, instead of knowing only VC wizard and GUI studio (the worst thing I ever saw was old MS visual studio). So, it can be very useful.. (It does not mean, that object orienting programming is bad - it is just one more solid programming approach, tool - but it is not the only tool in the world.) - Original Message - From: "Jeroen Massar" <[EMAIL PROTECTED]> To: "Alexei Roudnev" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, May 18, 2004 11:01 AM Subject: Re: CiSCO IOS 12.* source code stolen
Re: CiSCO IOS 12.* source code stolen
On Tue, 2004-05-18 at 19:42, Alexei Roudnev wrote: > May be, it is a good idea - to release old (say, 10.0) IOS sources for the > colleges. It will allow them to practice in the hardware design > amd protocol implementation, using solid base of Cisco IOS. > > Even old, 10.0 IOS, is enough for this purpose. I would not even want to see IOS 12.x being given as an example in a college. That is definitely not a good idea ;) There is also a very good reason why Cisco have a new OS lined up for quite some time you figure out why ;) Also in these times people actually know what modularisation is. Greets, Jeroen signature.asc Description: This is a digitally signed message part
Re: CiSCO IOS 12.* source code stolen
May be, it is a good idea - to release old (say, 10.0) IOS sources for the colleges. It will allow them to practice in the hardware design amd protocol implementation, using solid base of Cisco IOS. Even old, 10.0 IOS, is enough for this purpose. > > Hi, > > > What makes me excited at this news is, is there a chance to learn details of IOS > which may be one of most successful protocol implementations. And, if such code is > available to both college and engineers it will surelly do good to our life. > > So, I'll be glad to see the releasing of those codes as what happened to Microsoft. > > Joe > > > > >Some years ago I was arguing with my then department head (whom I have > >the greatest respect for, it should be said) at Cisco that IOS should > >be turned open source. Needless to say, the suggestion was met with > >"some" resistance, mildly speaking. > > > > > Msg sent via Spymac Mail - http://www.spymac.com
Re: CiSCO IOS 12.* source code stolen
On Mon, 17 May 2004 19:31:57 MDT, Joe Shen <[EMAIL PROTECTED]> said: > What makes me excited at this news is, is there a chance to learn details of IOS > which may be one of most successful protocol implementations. And, if such code is > available to both college and engineers it will surelly do good to our life. Just remember that doing so from the stolen source code won't do you any long-term happiness.. ;) pgpxahZMxpSE1.pgp Description: PGP signature
Re: CiSCO IOS 12.* source code stolen
Hi, What makes me excited at this news is, is there a chance to learn details of IOS which may be one of most successful protocol implementations. And, if such code is available to both college and engineers it will surelly do good to our life. So, I'll be glad to see the releasing of those codes as what happened to Microsoft. Joe >Some years ago I was arguing with my then department head (whom I have >the greatest respect for, it should be said) at Cisco that IOS should >be turned open source. Needless to say, the suggestion was met with >"some" resistance, mildly speaking. Msg sent via Spymac Mail - http://www.spymac.com
Re: CiSCO IOS 12.* source code stolen
Some years ago I was arguing with my then department head (whom I have the greatest respect for, it should be said) at Cisco that IOS should be turned open source. Needless to say, the suggestion was met with "some" resistance, mildly speaking. I still think the idea has a lot going for it. IOS as such is not a major revenue source, considering equipment prices in general; Cisco could bundle IOS at no cost merely by cranking up the hardware prices by a small amount, and there are no big secrets in the source. Arguably, there are things that some people might find "interesting" to try to dig into, but in terms of making a network box, a lot of the mystery has turned into old hat over the years. Heck, I have a completely independent and in every possible way unencumbered BGP4 implementation under my belt (the core was done well before my stint at Cisco), and in terms of coding complexity I've had much worse on my plate. Going back in time, Cisco's main claim to fame has always been to be there when you needed them, and in the old days they always were. Tony Li, who has posted here, is probably the best known, but there were many others, and they were all equally respected, revered, and honoured, not just for their knowledge and insight, but because, unlike the case at other vendors, they were there at night, at weekends, and at all other unholy hours, when a sinking networker needed them to be there. For the past many years, however, that hasn't been the case, whether or not one is carrying a hugely expensive maintenance contract in one's pocket. In one word, Cisco has turned "corporate". They managed to stay alive for much longer than most other vendors, but eventually they too couldn't remain un-corporate any longer. But, completing the circle, turning IOS into Open Source may be a way to bring back the heady days when Cisco/IOS ruled the world, in a fashion. All it takes is to bring online a ton of dedicated developers, just like any other Open Source project, and we know they're out there. Quoting my favourite American saying, "This is an opportunity". And the ball is in Cisco's court. -- Per
Re: CiSCO IOS 12.* source code stolen
I should not be too aware of the possible usage of this source code for the exploit development; Cisco have a very few points, where it parse/process IP packets, and most of such points are filtered out in most Cisco's. Much more serious is _trade secrets_ issue. Of course, no one can take this codes and use them on their equipment, or grab library and reuse it. But, unfortunately, Cisco's codes should have many small tricks, smart design solutions and so on, which makes IOS so efficient, and this things can be reused by competitors (unfortunately for Cisco, only a few West countries respect author's rights, in other people are free to purchase this source codes from the hacker and use as much as they do want). (Of course, this leak can result in a few more SNMP exploits - but it is well known Issue /it is impossible to write out safe code for ASN.1 parser, in real world/ - what's a surprise!). - Original Message - From: "Scott Call" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, May 16, 2004 1:02 AM Subject: Re: CiSCO IOS 12.* source code stolen > > On Sun, 16 May 2004, Henry Linneweh wrote: > > > > > You do not have to steal the code, you can buy a cisco > > router from an equipment reseller and have all the > > access you want. > > > > I wasn't aware you got a source license when you purchased Cisco gear. I > need to have a talk with my reseller... > > smart-assitude aside, I do hope fallout is minimal and easily worked > around. Hopefully even the script kiddies and other black hats understand > that undermining the infrasture of the 'net would make all of their DDOS > and SPAM zombies unusable. > > -S > > -- > Scott Call Router Geek, ATGi, home of $6.95 Prime Rib > I make the world a better place, I boycott Wal-Mart > VoIP incoming: +1 360-382-1814 >
Re: CiSCO IOS 12.* source code stolen
On Sun, 16 May 2004, Peter Galbavy wrote: : > Cisco source codes never were a top secret, many people around the : > world had access to them (and I believe, it explains Cisco's : > stability and success). : : ... and here is to hoping that Cisco don't try to use this incident, if it : gets coverage outside a narrow readership, as a marketing exercise to blame : coding error exploits on anyone but the company itself - unlike our friends : in Redmond. Heh. Might make for a good peer review, though. At least CSCO manages to put out fixes after an exploit is released; MSFT tends to deny existence of the bug for up to months before releasing a fix. 8-) -- -- Todd Vierling <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
Re: CiSCO IOS 12.* source code stolen
Scott Call <[EMAIL PROTECTED]> writes: > smart-assitude aside, I do hope fallout is minimal and easily worked > around. Hopefully even the script kiddies and other black hats understand > that undermining the infrasture of the 'net would make all of their DDOS > and SPAM zombies unusable. s/unusable/redundant/. don't get your hopes up. ---rob
Re: CiSCO IOS 12.* source code stolen
On Sun, 16 May 2004, Henry Linneweh wrote: > > You do not have to steal the code, you can buy a cisco > router from an equipment reseller and have all the > access you want. > I wasn't aware you got a source license when you purchased Cisco gear. I need to have a talk with my reseller... smart-assitude aside, I do hope fallout is minimal and easily worked around. Hopefully even the script kiddies and other black hats understand that undermining the infrasture of the 'net would make all of their DDOS and SPAM zombies unusable. -S -- Scott Call Router Geek, ATGi, home of $6.95 Prime Rib I make the world a better place, I boycott Wal-Mart VoIP incoming: +1 360-382-1814
Re: CiSCO IOS 12.* source code stolen
You do not have to steal the code, you can buy a cisco router from an equipment reseller and have all the access you want. -Henry --- Alexei Roudnev <[EMAIL PROTECTED]> wrote: > > Hmm, it's all interesting. EFnet IRC again... > > Does anyone have a full logs of EFnet IRC > conversations? We used to > participate in it 6 years ago (when fighting hackes > in Russia), > and it was very useful for following trends (of > course, after you dump a > heaps of junk). > > > - Original Message - > From: "Michel Py" > <[EMAIL PROTECTED]> > To: "John Kinsella" <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Saturday, May 15, 2004 1:45 PM > Subject: RE: CiSCO IOS 12.* source code stolen > > > > Rough translation of: > http://www.securitylab.ru/45221.html > > May, 15 2004 > > Leak of code CiSCO IOS source code? > > As it became known to SecurityLab, the source code > of operating system > CISCO IOS 12.3, 12.3t, which is used in the majority > of Cisco network > devices has been stolen on May 13, 2004. The total > volume of the stolen > information represents about 800MB in an archive > file. > > According to the information available to us, the > leak of fragments of > the source code occurred because of a break-in into > the corporate > network of Cisco System. > > Representatives of Cisco System have not made any > comments about the > break-in so far. > > A person whose alias on [EMAIL PROTECTED] IRC is > "franz" has given a small > parts of the source code (about 2.5 Mb) as proof. > > Below are links to the first 100 first lines of > source code of: > > ipv6_tcp.c: > http://www.securitylab.ru/45222.html > > ipv6_discovery_test.c: > http://www.securitylab.ru/45223.html > >
Re: CiSCO IOS 12.* source code stolen
Alexei Roudnev wrote: > Cisco source codes never were a top secret, many people around the > world had access to them (and I believe, it explains Cisco's > stability and success). ... and here is to hoping that Cisco don't try to use this incident, if it gets coverage outside a narrow readership, as a marketing exercise to blame coding error exploits on anyone but the company itself - unlike our friends in Redmond. Cisco have enough IPR to protect serious commercial exploitation of leaked code in other ways. Peter
Re: CiSCO IOS 12.* source code stolen
Hmm, it's all interesting. EFnet IRC again... Does anyone have a full logs of EFnet IRC conversations? We used to participate in it 6 years ago (when fighting hackes in Russia), and it was very useful for following trends (of course, after you dump a heaps of junk). - Original Message - From: "Michel Py" <[EMAIL PROTECTED]> To: "John Kinsella" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, May 15, 2004 1:45 PM Subject: RE: CiSCO IOS 12.* source code stolen Rough translation of: http://www.securitylab.ru/45221.html May, 15 2004 Leak of code CiSCO IOS source code? As it became known to SecurityLab, the source code of operating system CISCO IOS 12.3, 12.3t, which is used in the majority of Cisco network devices has been stolen on May 13, 2004. The total volume of the stolen information represents about 800MB in an archive file. According to the information available to us, the leak of fragments of the source code occurred because of a break-in into the corporate network of Cisco System. Representatives of Cisco System have not made any comments about the break-in so far. A person whose alias on [EMAIL PROTECTED] IRC is "franz" has given a small parts of the source code (about 2.5 Mb) as proof. Below are links to the first 100 first lines of source code of: ipv6_tcp.c: http://www.securitylab.ru/45222.html ipv6_discovery_test.c: http://www.securitylab.ru/45223.html
Re: CiSCO IOS 12.* source code stolen
Cisco source codes never were a top secret, many people around the world had access to them (and I believe, it explains Cisco's stability and success). Rough translation of: http://www.securitylab.ru/45221.html May, 15 2004 Leak of code CiSCO IOS source code? As it became known to SecurityLab, the source code of operating system CISCO IOS 12.3, 12.3t, which is used in the majority of Cisco network devices has been stolen on May 13, 2004. The total volume of the stolen information represents about 800MB in an archive file. According to the information available to us, the leak of fragments of the source code occurred because of a break-in into the corporate network of Cisco System. Representatives of Cisco System have not made any comments about the break-in so far. A person whose alias on [EMAIL PROTECTED] IRC is "franz" has given a small parts of the source code (about 2.5 Mb) as proof. Below are links to the first 100 first lines of source code of: ipv6_tcp.c: http://www.securitylab.ru/45222.html ipv6_discovery_test.c: http://www.securitylab.ru/45223.html
Re: CiSCO IOS 12.* source code stolen
It certainly looks (approximately) genuine, with Kirk's normal coding style and normal calls to IOS infrastructure routines. Tony On May 15, 2004, at 1:21 PM, John Kinsella wrote: For those not on bugtraq...I can't hit securitylab.ru, so would be curious if anybody has more info or confirmation... John - Forwarded message from Alexander Antipo <[EMAIL PROTECTED]> - From: "Alexander Antipo" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: CiSCO IOS 12.* source code stolen Date: Sat, 15 May 2004 22:49:50 +0400 X-Mailer: Microsoft Office Outlook, Build 11.0.5510 More information (in Russian, of course) and some little stolen code can be found here: http://www.securitylab.ru/45221.html - End forwarded message -
RE: CiSCO IOS 12.* source code stolen
Rough translation of: http://www.securitylab.ru/45221.html May, 15 2004 Leak of code CiSCO IOS source code? As it became known to SecurityLab, the source code of operating system CISCO IOS 12.3, 12.3t, which is used in the majority of Cisco network devices has been stolen on May 13, 2004. The total volume of the stolen information represents about 800MB in an archive file. According to the information available to us, the leak of fragments of the source code occurred because of a break-in into the corporate network of Cisco System. Representatives of Cisco System have not made any comments about the break-in so far. A person whose alias on [EMAIL PROTECTED] IRC is "franz" has given a small parts of the source code (about 2.5 Mb) as proof. Below are links to the first 100 first lines of source code of: ipv6_tcp.c: http://www.securitylab.ru/45222.html ipv6_discovery_test.c: http://www.securitylab.ru/45223.html
