Cisco: Self Healing Network my @ss

remember all those commercials on TV for Cisco equipment?

with all this crap about self-healing and self-defending networks?

well, it appears that Cisco's own networks may not have even defended themselves from an attack... led by someone who may or may not have managed to snag a copy of the source code for Cisco IOS 12.3, the operating system for their routers.. and someone then bragged about having it by posting a code snippet.

http://arstechnica.com/news/posts/1084683212.html

this is breaking news at the moment... it may turn out to be elaborate B.S., but this could be really bad news.

Cisco routers control a ton of Internet traffic. Most major routers, besides really powerful backbone kind of stuff, used on the Net are made by Cisco.

Cisco is generally better about security than Microsoft, but they depend a lot on the fact it's hard to read their source code... now someone may have the source.

someone with the Cisco IOS source and a team of good vulnerability finders could really fuck things up.

someone could even make an army of zombie routers as opposed to zombie PCs.... a broadband PC typically has 128k to 256k it can use for attacking someone, imagine people with multiple OC12 connections DoS'ing the hell out of people....

622 Mbps of traffic per line... now imagine 100 of those aimed at any network... not too many could stand up to it.

someone found a backdoor password Cisco put into some of their other products very recently... I wonder if someone has really, thoroughly penetrated the hell out of Cisco's network and has passwords for everything and rootkitted everything, or maybe the leak came from a disgruntled employee.

that's another thing that could come from this... router rootkits.

for those who don't know, a rootkit is an attacker's tool that goes into the kernel (generally, these days) of an operating system.

I hate to use Sci Fi analogies, but imagine this- rootkits for a hacker are like a combination of having a personal cloaking device and Obi-Wan Kenobi following you around and telling everyone, "this is not the person you are looking for. In fact, there is no person here." and they just nod their heads.

the kernel is like what the control room of NORAD is for U.S. Air Defense... all computer security ultimately deals with the kernel at some level, and if you control the kernel you can do anything you want... including the cloaking trick, but also controlling all the planes and telling them to bomb their own bases. And because computers are dumber than pilots, they will do this.

rootkits are somewhat harder to make on closed source systems, but not impossible- M$ Windows has rootkits, for instance.

they are really hard to make for Cisco and other systems, which don't allow you to run code with kernel level permissions normally.

if someone has this code and talent, they could be able to run code with kernel level permissions, AND have an easier time of making a rootkit, as opposed to having to read bare uncommented Motorola assembler.

now imagine someone quietly taking over and installing rootkits for a lot of these routers controlling big data pipes on the Net.... and then, on a certain date, setting half the routers to delete everything from the router's memory, and using the other half to target critical structures like the DNS name servers for the Internet.

the chaos would bring the Net to its knees.

torrent pls