
    July 28

    Vulnerability, what vulnerability?

    So you find a vulnerability in the internet operating system routing the vast majority of the internet. You bring the news to your boss; you bring the news to the maker of the routers. Do you give them time to repair it? No, of course not. Instead, you throw your job away so you can blab to the next gathering of black hats, giving them all the juicy details, so that if, say, a fourteen-year-old who has a beef with his girlfriend and his buddies decide the best way to get back at the world would be to, say, take down a couple of nodes (read: PoP) on the internet -- yeah, that'd be cool -- then maybe we could all grow up and get lives and realize that loose lips do sink ships or, in this case, networks.

    Comments (3)

    After completing the read of the Wired interview I must say I am impressed with Michael Lynn.
     
    Final lessons:
    Patch your routers regularly & make sure to have independent researchers on your side. 
    July 21
    After analysing the Wired interview I believe this comment from Mr. Lynn sums up the situation:
     
    Lynn: So on January 27th, ISS comes out with their response to this vulnerability -- the advice to their customers based on my analysis.... I stayed up all night basically (to research it).

    I realized in looking at this (that the program) is actually way worse than Cisco said....

    Let this be a lesson to all people assigned to debug a system: 1) don't rush to judgement 2) don't stay up all night 3) don't presume.

    July 21
    Kuttaineh wrote:
    Here is a follow-up interview from the man himself ~
    http://www.wired.com/news/print/0,1294,68365,00.html
    Aug. 4
