Cisco IOS stolen?

Discussion in 'Cisco' started by Karsten Fischer, May 16, 2004.

  1. ---
    Russian security Web site SecurityLab is reporting that the source code
    for Cisco Systems Inc.'s main networking device operating system was
    stolen on Thursday.

    According to the report, criminal hackers broke into Cisco's corporate
    network and stole 800MB of source code for IOS 12.3 and 12.3t (an early
    deployment version containing features not found in the vanilla 12.3
    version). In addition, a 2.5MB sample of what is supposedly IOS code was
    released on an Internet Relay Chat channel as proof of the alleged theft.
    [...]

    Source:
    http://www.eweek.com/article2/0,1759,1593870,00.asp

    Regards,

    Karsten
     
    Karsten Fischer, May 16, 2004
    #1
    1. Advertisements

  2. fasten your seatbelts... ;)
     
    Stefan Dambeck, May 16, 2004
    #2
    1. Advertisements

  3. So? Most of the value of Cisco routers is in the hardware, not the IOS.
     
    Barry Margolin, May 17, 2004
    #3
  4. Karsten Fischer

    Brad Guest

    uh...actually, most of the value is the IOS, NOT the hardware!
     
    Brad, May 17, 2004
    #4
  5. Karsten Fischer

    jt Guest

    The early worm catches the fish :)

     
    jt, May 17, 2004
    #5
  6. Really? Most of the high-speed switching is done in hardware like the
    line cards.
     
    Barry Margolin, May 17, 2004
    #6
  7. Karsten Fischer

    Scooby Guest

    Most of the "Cost" is in the hardware. Same as most of the cost of your pc
    and servers is in the hardware. The real processing power of your pc is in
    the select of memory, cpu and hard disk. But, microsoft wouldn't be too
    keen on loosing their source code even if they sold pc's.

    This is trade secret stuff that is the core of Cisco's business and could be
    very harmful to lose. Anyone can put together expensive hardware. It
    doesn't take a genius to look at the backplane to see what components are
    used and how they connect together. Even when the hardware does high-speed
    switching, it is the software that ultimately controls that. Besides, from
    what I read, this is not just switching, it is IOS, which includes routers.

    Another important note that the article pointed out is that the source code
    will make it easier for hackers to identify security holes. That is not a
    "So what?".

    Jim
     
    Scooby, May 17, 2004
    #7
  8. IMHO, the hardware is what makes Cisco (and other vendors') routers
    unique. IOS is mainly just the user interface and config file parser.
    I was using "switching" in the general term, to refer to all types of
    packet forwarding.

    The only part that IOS plays in this is downloading the forwarding
    tables to the line cards. Most of the time it's not involved in packet
    forwarding at all, unless you've configured the router to do process
    switching instead of some form of fast switching.

    Look at it this way: the difference between the 25xx, 75xx, and 12xxx
    series of routers is not in the software (they all run almost the same
    IOS), it's in the hardware.
     
    Barry Margolin, May 17, 2004
    #8
  9. Yeah, just look at that OSPF, EIGRP and BGP code, not mentioning
    things like tag switching for MPLS, or VPN code. Or things like
    IDS, Firewall or Voice Gatekeeper modules. Really, "just user interface
    and config parser"...

    If someone really get 12.3/12.3T code and it will surface in bigger
    parts, many small vendors will get big advantage (not mentioning
    open source projects like quagga/zebra for example, or kernel
    developers for linux/*bsd) and other "big letters" of the industry
    will get a chance to look at their competitor from very good
    angle - "we see what You have and how are You doing it, You don't
    know how we do things You do".
    Again - not quite wisely chosen word "almost". PIXes run the same
    software, routers don't.
     
    =?ISO-8859-2?Q?=A3ukasz_Bromirski?=, May 17, 2004
    #9
  10. Karsten Fischer

    Scooby Guest

    IOS is much more than an interface and file parser. It is the Operating
    System. Based on your config, the IOS helps the device make many decisions
    and tells it how to communicate with the outside world as well as the
    components/cards. Windows, X-Windows, Unix, etc... They are all much more
    than interfaces. They are operating systems that handle a lot more than the
    eye can see. An operating system is no trivial piece of work. Why do you
    think many flavors of the IOS are 15Meg+ of compiled code? You don't need
    programs that big for a file parser and text line interface.
    Not all devices forward in the hardware.
    Of course there is going to be a big difference in those product lines. The
    cost in delivering them is higher, just from a manufacturing standpoint
    alone - not including the engineering. But there are many different options
    for purchasing the IOS. On switches, there is the option of EMI vs. SMI.
    On the routers, there are a variety of feature sets. Some of these come
    quite expensive. Take a 2600 router with just the basics and compare it to
    one that is fully loaded with features. The cost difference is pretty
    dramatic. Again, yes, a majority of the "Cost" is in the hardware. But,
    that is not to trivialize the value of the software.

    That's like saying that the OS for the Pix or any other firewall vendor is
    no big deal because it is the hardware that handles it. The intelligence is
    in the software. That is a very important commodity to keep.

    Jim
     
    Scooby, May 17, 2004
    #10
  11.  
    Walter Roberson, May 17, 2004
    #11
  12. Karsten Fischer

    Jeff Pratt Guest

    This'll actually just make life harder for open-source projects. Prior to
    this leak, a developer could implement a feature, and if their
    implementation was close to cisco's implementation method, they would at
    least have had plausible deniability (I've never worked for cisco or their
    liscencee's, this was the fruit of my own labour). That is more difficult
    now. Anyone who's had a look at any proprietary source code, effectively
    bans themself from working on any of the operations implemented by that
    code, or even any operations too similar.

    Jeff
     
    Jeff Pratt, May 17, 2004
    #12
  13. Well, Linus Torvalds did look at the Unix source code, and now
    look how Linux grown up. Stallman once said, that he was "just
    standing on the shoulders of giants", when he did write his first
    lines of free software.

    I still hold up the idea, that it would benefit anyone working on
    routing protocols, or VPN implementations (whatever they may be)
    if they would be able to look at it and come to their own
    conclusions. And I'm not talking about simply stealing ideas, I'm
    talking, for example, about maintaning compatibility. Of course,
    I don't want to suggest, that stealing propertiary work from
    networking company is "thing everybody should do".
     
    =?ISO-8859-2?Q?=A3ukasz_Bromirski?=, May 17, 2004
    #13
  14. I don't think it's a problem for open-source projects. Anyone who
    suspects copying can easily look at the source code and determine
    whether there's any literal similarity.

    The folks who would need to be more concerned are the commercial
    competitors. If Cisco suspects they've made use of the leaked code,
    they might be able to get the court to force them to provide source code.
     
    Barry Margolin, May 17, 2004
    #14
  15. I know what an operating system is. But I suspect that the operating
    system is out of the loop for much of the work that a Cisco router does.

    If you want an analogy to a general purpose computer,
    Windows/Unix/whatever do not run on the disk controller. And on a
    router, much of the important work takes place on the peripheral
    devices. IOS tells them what to do by downloading forwarding tables and
    filters, and they then do it independently.
     
    Barry Margolin, May 17, 2004
    #15
  16. ....and change all `show xxx' semantics to `display xxx' as someone,
    wait, what the name of the company was? did recently :D

    Greetz,
     
    =?ISO-8859-2?Q?=A3ukasz_Bromirski?=, May 17, 2004
    #16
  17. Karsten Fischer

    Scooby Guest

     
    Scooby, May 17, 2004
    #17
  18. Karsten Fischer

    Mike Sykes Guest

    Cisco is a software company, hardware is a nasty byproduct of their
    software business. All the switching and routing is done within the software
    AND hardware. Without IOS that ASICs they employ are useless.

    --
    Mike
     
    Mike Sykes, May 18, 2004
    #18
  19. When you turn it off, you end up with a router with very poor
    performance.
    Packet filtering is done in hardware.

    The other thing is that there's nothing really that special about
    Cisco's implementations of many of those other things. If someone wants
    routing protocols, they can download gated. NAT and PAT are available
    in Linux and FreeBSD. And so on. And all these things will run on
    generic hardware -- IOS will only run on a Cisco box.
     
    Barry Margolin, May 18, 2004
    #19
  20. And without the ASICs, the software is useless.
     
    Barry Margolin, May 18, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.