Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management
    • Networking

    What Threat Is Posed by Stolen Cisco Code?

    By
    Sean Gallagher
    -
    November 5, 2004
    Share
    Facebook
    Twitter
    Linkedin

      Once again, hackers are trying to sell what they purport to be the source code for Ciscos PIX firewall. But it isnt clear that theres any threat posed to customers by the code. In fact, the only people who might benefit from the code are Ciscos competitors.

      The “Source Code Club” is offering to sell the PIX code for $24,000. But its not certain that anybody buying the code would be able to use it to find holes in the firewall software any more effectively than they could without it—unless they have significant software development and computing resources to examine the 37 MB of uncompiled code.

      /zimages/4/28571.gifE-gold says it can track down the group that stole Ciscos code. Read about it here.

      When some of the source code to Windows was stolen off a server at Mainsoft and released into the wild, many were concerned that it would mean hackers would quickly find new vulnerabilities in Windows and create “zero-day” exploits of the operating system—holes that Microsofts customers would have no prior warning of. Those concerns turned out to be unfounded. That was at least partially because of the age of the code (it was for Windows NT 4.0) and its incomplete nature, but it was also because most of what hackers could learn from the code couldnt be exploited to circumvent security.

      The firewall code stolen from Cisco is apparently more complete and more current than the exposed Windows code. But the fact is that the biggest risk that the missing software poses is to Cisco itself—and a large portion of that risk surrounds this story continuing to appear in the news.

      The code theft has become an embarrassment to Cisco, undermining the companys marketing message. After all, if their own network security products couldnt stop the theft of their intellectual property, how are they going to protect their customers? And the source code would be a boon to any would-be competitors seeking to develop a firewall product of their own—especially for overseas markets like China, where intellectual property rights border on theoretical.

      Given the precedent set by SCO Groups litigation, open-source developers would likely avoid the Cisco code like the plague. Its still possible that the concepts and methods used within the PIX firewall source—or even chunks of the code itself–could find their way into some open source project. But at the current asking price, its unlikely anyone is going to risk receiving stolen goods just to give it away.

      Even those with malicious intent beyond stealing Ciscos ideas will have a hard time getting any value out of the source–having the source code is not necessarily going to help hackers find new vulnerabilities in the PIX software. After all, if Cisco hasnt found them with the resources it dedicates to keeping the code bug free, it would take a good deal of deliberation over the code for someone else to find them.

      Next Page: The worst-case scenario.

      Worst

      -Case Scenario”>

      The worst-case secenario is that some evil-doer could use the source code to create an image of the PIX software that provides a back-door for him or others to magically circumvent the firewall. But for that scenario to work, the bad guys would have to convince their target to install that software image onto a firewall. And targets worth attempting an attack of that kind of sophistication on, requiring such a high level of both “social engineering” and significant resources to back it, arent very numerous.

      Alternatively, someone with deep programming knowledge could identify ways to attack existing routers by creating buffer overflows in the software with external input—for a denial-of-service attack. Or they could find a way to pull off some sort of “man in the middle” attack against a VPN session based on gaps in how PIX handles session authentication.

      In fact, these are both vulnerabilities that Cisco has found in the past in the PIX software—two years ago, in earlier versions of the software. Odds are that Cisco has filled in most of these holes—at least the ones that are obvious from just looking at the source code.

      For more insights from Sean Gallagher, check out his Weblog.

      But if hackers wanted to spend $24,000 to figure out how to take out a PIX firewall, theyd probably be better off spending it on a Cisco PIX firewall of their own, or maybe some Cisco network engineer training. Thats because most of the vulnerabilities in firewalls are the result of misconfiguration—and the best way to learn about those vulnerabilities is by learning how to run a firewall correctly.

      Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Sean Gallagher
      Sean Gallagher is editor of Ziff Davis Internet's enterprise verticals group. Previously, Gallagher was technology editor for Baseline, before joining Ziff Davis, he was editorial director of Fawcette Technical Publications' enterprise developer publications group, and the Labs managing editor of CMP's InformationWeek. A former naval officer and former systems integrator, Gallagher lives and works in Baltimore, Maryland.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×