Slashdot Mirror

← Back to Stories (view on slashdot.org)

Possible Cisco Source Code Theft

Posted by CmdrTaco on from the gotta-hate-when-that-happens dept.

OmegaBlac writes "According to Ars Technica, a Russian security site is claiming that Cisco's corporate network was comprimised and about 800MB of Cisco's source code for IOS Operating System version 12.3 was stolen. I guess Cisco forgot to implement their own Self Defending Network solutions."

7 of 189 comments (clear)

  1. Re:WARNING copyrighted source samples ahead! by cide1 · · Score: 5, Informative

    Yeah, I'd like to believe you, but I've seen people get away with murder in source code before. Open source coders worry a lot more about things like indentation, and filenames that make sense. In closed source shops, a lot of times what is quickly coded as a prototype becomes the shipping product, and things like indent cant be used because it breaks diffs. As much as I'd like to look with my own eyes, this sounds like one of the things it would be best if I just ignored it.

    --
    -- the computer doesn't want any beer, no matter how much you think it does. NEVER, EVER feed your computer beer.
  2. Re:Full text translation by versus · · Score: 4, Informative
    I don't know who moderated parent as Informative (hint: use +1 Funny)

    Here is word-to-word translation (english is not my mother tongue):

    • As SecurityLabz was informed, in May 13, 2004 all source code of Cisco IOS 12.3, 12.3t was stolen. Cisco IOS is used in most Cisco network products. Full size of the stolen information is about 800 MBytes archived.

    • Source code leak was made possible because of Cisco's corporate network compromise. Cisco gave no official comments yet.

      Someone known as franz at IRC channel #darknet@EFnet showed a small part of stolen code as the proof.

      First 100 lines of source file ipv6_tcp.c and ipv6_discovery_test.c is listed below.

    --
    Brain is my second favorite organ.
  3. Re:Heh... by billygr · · Score: 2, Informative

    "SO, if you don't like it, you go out and make an OS for the Cisco routers and put it out for free - go ahead, no one is stopping you"

    Who said that there isn't somethink like this ?

    http://www.uclinux.org/ports/
    From uClinux page: uClinux has successfully been ported to the Cisco 2500, 3000, 4000 routers. The patch allowing uClinux to run on the Cisco 2500/3000/4000 routers was completed by Koen De Vleeschauwer"

  4. This really means nothing. by corrosive_nf · · Score: 4, Informative

    Cisco had already announced a few weeks ago that version 13 of IOS was coming out and in June they were going to dump IOS fully for a totally new os for their routers that was going to be pluggable and more secure

    http://news.com.com/2100-1033_3-5210745.html

  5. Re:Stolen from the #1 Security Company? by Anonymous Coward · · Score: 3, Informative

    the company has long practiced a policy of "security through obscurity

    Not really... every version of Cisco IOS since 6 has been leaked. The first time I've seen IOS source was probably 6-7 years ago. I'm not even sure why this is news.

  6. Re:The Internet Doesn't Run On Cisco by TheGratefulNet · · Score: 2, Informative

    quite wrong.

    its freebsd. I used to work there so I know.

    --

    --
    "It is now safe to switch off your computer."
  7. Re:one word: bullshit by thinlineofsanity · · Score: 2, Informative

    You'll be happy to know that MCI (UUNET/Worldcom) use a significant portion of Juniper equipment, nowadays.