The request for a temporary restraining order, filed jointly by Cisco and Internet Security Systems, targeted former ISS researcher Michael Lynn and the organizers of the Black Hat security conference. The companies took action after Lynn showed in a presentation how attackers could take over Cisco routers--a problem that he said could bring the Internet to its knees. Specifically, Lynn outlined how to run attack code on Cisco's Internetwork Operating System by exploiting a known security flaw in IOS. The software runs on Cisco routers, which make up the infrastructure of the Internet.
Lynn told the audience that he had quit his job as a researcher at ISS to deliver the presentation, after ISS had decided to pull the session.
The dispute, however, ended when all parties agreed to a permanent injunction barring them from further discussing the presentation Lynn gave. The injunction also requires Lynn to return any materials and disassembled code related to Cisco.
Lynn on Thursday said that despite all the legal wranglings he faced this week, demonstrating an attack on Cisco's router software was the right call.
"I think I did the right thing. It was pretty scary, but the real important thing was: There was the potential of (a) serious problem," Lynn said.
Finding vulnerabilities is big business, andin popular file formats, such as the JPEG and GIF image formats.
Some of those bugs can be serious: A victim's PC could be hijacked by simply viewing an image on a Web site or in an e-mail. Microsoft issued three "critical" security bulletins earlier this month, two related to file format flaws.
There could be a significant increase in the discovery of such flaws. iDefense, a security intelligence company, has tools that let researchers automate the discovery of file format vulnerabilities. The company released the tools Thursday in conjunction with the Black Hat security conference.