Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Apr 2004
Posts: 298
Phatal Offline OP
UGN News Staff
OP Offline
UGN News Staff
Joined: Apr 2004
Posts: 298
An unspecified amount of the proprietary source code that drives Cisco Systems' networking hardware has appeared on the Internet, the technology giant acknowledged early Monday.

A representative could not confirm, however, that network intruders made off with 800MB of code, as reported by a Russian security group over the weekend.

"Cisco is aware that a potential compromise of its proprietary information occurred and was reported on a public Web site just prior to the weekend," said Jim Brady, a spokesman for the company. "The Cisco information security team is looking into this matter and investigating what happened."

Brady could give no further details on the matter.

This is the second time this year that a major technology company's product source code has been made public without authorization. In February, source code for parts of Microsoft's Windows 2000 and Windows NT were leaked to the Internet. One security researcher claimed that he had discovered a minor Internet Explorer flaw by analyzing that source code.

It's uncertain to what degree the leaked code will affect Cisco security. The security of Microsoft's operating systems has not significantly suffered from the leak of its code. Moreover, attackers tend not to focus on vulnerabilities in networking hardware. A major flaw that Cisco warned customers about in July never materialized as a threat.

News of the latest source code leak appeared on a Russian security site, SecurityLab.ru, on Saturday, two days after its administrators received the leaked source code. The site posted two files of source code written in the C programming language, which apparently enables some next-generation Internet Protocol version 6 functionality. One file was copyrighted in 1996 and the other in 2003.

According to SecurityLab.ru, online vandals had compromised Cisco's corporate network and stolen about 800MB of source code. A person with the alias "Franz" bragged about the intrusion and posted about 2.5MB of code on the Internet relay chat (IRC) system not long after the alleged break-in.

By Sunday evening, however, the code could not be located by CNET News.com, and members of the IRC channel were speculating about the authenticity of the two brief excerpts posted on the Russian site.

One participant suggested that they might be a hoax, because "Cisco" was not capitalized in the source code. Others apparently grew tired of the discussion, changing the channel's title temporarily to "do not keep commercial code on online computers...when are people gonna learn."

The excerpts posted by SecurityLab.ru named Ole Troan and Kirk Lougheed as the authors of the code. Both programmers appear to be Cisco employees.

You can view the original article here...
http://news.com.com/2100-7349_3-5213724.html?tag=nefd.top

Joined: Apr 2004
Posts: 298
Phatal Offline OP
UGN News Staff
OP Offline
UGN News Staff
Joined: Apr 2004
Posts: 298
Code
ipv6_discovery_test.c

/*------------------------------------------------------------------ 
* ipv6_discovery_test.c -- Neighbor Discovery unit tests. 
* 
* August 2003, Ole Troan 
* 
* Copyright (c) 2003-2004 by cisco Systems, Inc. 
* All rights reserved. 
*------------------------------------------------------------------ 
*/ 
#include "interface.h" 
#include "interface_private.h" 
#include "../ipv6.h" 
#include "../ipv6_discovery.h" 
#include "sys_registry.h" 
#include "subsys.h" 
#include COMP_INC(cutest, cu_test.h) 

idbtype lidb; 
hwidbtype hwidb; 
ipv6_idbtype ipv6_sb; 
in6_addr_t target; 

/* 
* setup_subsys_init 
*/ 
extern list_header subsyslist[SUBSYS_CLASS_MAX]; 
static void 
setup_subsys_init (subsys_class category, char *name) 
{ 
list_element *element; 
subsystype *subsys; 

FOR_ALL_DATA_IN_LIST(&subsyslist[category], element, subsys) { 
if (!strcmp(name, subsys->namestring)) { 
if (subsys->entry) { 
(*subsys->entry)(subsys); 
break; 
} 
} 
} 
} 


static void 
setup (void) { 
setup_subsys_init(SUBSYS_CLASS_PROTOCOL, "ipv6_nd"); 
reg_add_printf((long)'P', ipv6_printf, "ipv6_printf"); 

/* 
* Create an IDB and Enable IPv6 on it 
*/ 
lidb.hwptr = &hwidb; 
hwidb.firstsw = &lidb; 
hwidb.status = IDB_ETHER; 
lidb.ipv6_data = &ipv6_sb; 

target.s6_addr32[0] = 0x2001000; 
target.s6_addr32[3] = 0x0000001; 
} 


/* 
* nd_test_create 
*/ 
CU_TEST_START (nd_test_create, tc) 
{ 
ipv6_nd_entry *e; 

printf("\nAdding %P to ND cache", &target); 

e = ipv6_nd_table_create(&target, &lidb); 
cu_ok(tc, (e != NULL), "%s", "create ND entry"); 
cu_ok(tc, (e->idb == &lidb) && 
IN6_ARE_ADDR_EQUAL(&e->address, &target), "%s", 
"verify ND entry"); 
} 
CU_TEST_END 


/* 
* nd_test_lookup 
*/ 
CU_TEST_START (nd_test_lookup, tc) 
{ 
ipv6_nd_entry *e; 

e = ipv6_nd_table_lookup(&target, &lidb); 
cu_ok(tc, (e != NULL), "%s", "ND lookup"); 
} 
CU_TEST_END 


/* 
* nd_test_delete 
*/ 
CU_TEST_START (nd_test_delete, tc) 
{ 
ipv6_nd_entry *e; 

ipv6_nd_table_delete(&target, &lidb); 
e = ipv6_nd_table_lookup(&target, &lidb); 
cu_ok(tc, (e == NULL), "ND delete"); 
} 
CU_TEST_END 


/* 
* nd_test_suite 
*/ 
cu_suite_t * 
nd_test_suite (void) 
{ 
cu_suite_t *s = cu_suite_new(); 

CU_SUITE_ADD_TEST(s, nd_test_create); 
CU_SUITE_ADD_TEST(s, nd_test_lookup); 
CU_SUITE_ADD_TEST(s, nd_test_delete); 

return (s); 
} 


CU_TEST_MAIN() 
{ 
int res; 
cu_suite_t *suite = cu_suite_new(); 

cu_init(); 
cu_suite_add_suite(suite, nd_test_suite()); 
setup(); 
res = cu_suite_run(suite); 
cu_suite_summary(suite); 

CU_TEST_MAIN_RETURN(res); 
}

Joined: Apr 2004
Posts: 298
Phatal Offline OP
UGN News Staff
OP Offline
UGN News Staff
Joined: Apr 2004
Posts: 298
Code
/*------------------------------------------------------------------ 
* ipv6_tcp.c -- IP version 6 support functions for TCP 
* 
* June 1996, Kirk Lougheed 
* 
* This should be the only file in the TCP sources that 
* explicitly references an IPv6 header or IPv6 addresses. 
* 
* Copyright (c) 1996-2003 by cisco Systems, Inc. 
* All rights reserved. 
*------------------------------------------------------------------ 
*/ 

#include "master.h" 
#include "address.h" 
#include "packet.h" 
#include "interface_private.h" 
#include "../ipv6/ipv6.h" 
#include "../ipv6/ipv6_private.h" 
#include "../ipv6/ipv6_stats.h" 
#include "../ipv6/ipv6_idb.h" 
#include "icmp6.h" 
#include "ipv6_debug.h" 
#include "../tcp/tcp.h" 
#include "../tcp/tcpinternal.h" 
#include "../tcp/tcp_debug.h" 


/* 
* ipv6_receive_tcp_header 
* 
* Pass a TCP segment to the main TCP layer. 
* We checksum it and set up private pointers. 
*/ 
void 
ipv6_receive_tcp_header (paktype *pak) 
{ 
ip6_hdr_t *ip; 
tcptype *tcp; 
ipv6addr_listtype *ifa; 

/* 
* Checksum the TCP packet. 
* Errors are counted by the IPv4 code. 
*/ 
ip = (ip6_hdr_t *)pak->network_start; 
tcp = (tcptype *)pak->transport_start; 

/* 
* Don't accept TCP connections to multicast or anycast addresses 
*/ 
ifa = ipv6_address_find(pak->if_input, &ip->ip6_dst); 
if ((ifa && (ifa->flags & IPV6_IFF_ANYCAST)) || 

IN6_IS_ADDR_MULTICAST(&ip->ip6_dst)) { 
if (tcp_debug) 

buginf("\nTCP: anycast or multicast address <%P,%d> <%P,%d>", 


&ip->ip6_src, tcp->sourceport, 

&ip->ip6_dst, tcp->destinationport); 

retbuffer(pak); 

return; 
} 

if (ipv6_checksum(ip, tcp, IPPROTO_TCP)) { 
if (tcp_debug) 
buginf("\nTCP: checksum failure <%P,%d> <%P,%d>", 


&ip->ip6_src, tcp->sourceport, 

&ip->ip6_dst, tcp->destinationport); 

tcp_traffic.checksumerr++; 

ipv6_stats_update_idb(IPV6_STATS_TCP_CHECKSUM_ERROR, pak->if_input); 

retbuffer(pak); 

return; 
} 

/* 
* Setup TCP's private pointers 
* pak->length is total length less IP header bytes (including extensions) 
*/ 
pak->dataptr = (uchar *)tcp; 
pak->length = ip->ip6_plen + IPV6_HEADERBYTES - ((int)tcp - (int)ip); 

/* 
* Hand TCP segment off to TCP 
*/ 
ipv6_stats_update_idb(IPV6_STATS_TCP_INPUT, pak->if_input); 

if (gettcpack(tcp)) { 
ipv6_reachable(&ip->ip6_src); 
} 
tcp_inputsegment(pak); 
} 


/* 
* ipv6_tcp_write 
* Write a TCP datagram to network using IPv6 network layer. 
* 
* Warning: the code that sends a RST about connectionless packets 
* calls us with a NULL tcb pointer. 
*/ 
void 
ipv6_tcp_write (tcbtype * tcb, paktype *pak, 


addrtype *destination, addrtype *source) 
{ 
ip6_hdr_t *ip; 
tcptype *tcp; 
int bytes; 

/* 
* Put on standard IPV6 header. 
* Figure out extension headers some other time. 
*/ 
ip = (ip6_hdr_t *)pak->network_start; 
ipv6_init_header(ip, IPV6_PRIORITY_INTERACTIVE, IPV6_DEFAULT_FLOW, 


pak->length - IPV6_HEADERBYTES, IPPROTO_TCP, 


ipv6_hop_limit, 

(in6_addr_t *)&source->ipv6_addr, 


(in6_addr_t *)&destination->ipv6_addr); 

/* 
* Compute TCP header checksum 
*/ 
tcp = (tcptype *)pak->transport_start; 
tcp->checksum = 0; 
tcp->checksum = ipv6_checksum(ip, tcp, IPPROTO_TCP); 

/* 
* Do connection based accounting and fiddling. 
*/ 
if (tcb) { 
/* 

* Do some bean counting 
*/ 

if (pak->us_retransno != 0) { 
tcp_traffic.retrans++; 

tcb->pakoutretrans++; 
ipv6_stats_update_idb(IPV6_STATS_TCP_RETRANSMITTED, 




pak->if_output); 
if (tcppkt_debug) 


tcp_print(tcb, pak, tcp, 'R'); 
} else { 
bytes = pak->length - tcp_ipbytes(tcb) + (tcp->dataoffset << 2); 
if (bytes > 0) { 

tcb->bytesoutcount += bytes; 

tcb->pakoutdata++; 

} 
tcb->pakoutcount++; 

if (tcppkt_debug) 

tcp_print(tcb, pak, tcp, 'O'); 

} 

/* 

* We're sending an ACK, so stop the ACK timer 

*/ 
tcp_stoptimer(tcb, ACKTIMEOUT); 
} 

/* 
* Write datagram to network. 
* Routing is done by IPv6. 
*/ 
pak->if_output = NULL; 
ipv6_write(pak, IPV6_STATS_TCP_OUTPUT); 
} 


/* 
* ipv6_tcp_icmp_received 
* 
* We received an ICMP error message about some datagram. 
* Check if it is for a TCP packet of ours belonging to an 
* active socket. Return TRUE if we absorbed it. 
*/ 
boolean 
ipv6_tcp_icmp_received (paktype *pak, ip6_hdr_t *ip, icmp6_hdr_t *icmp) 
{ 
tcptype *tcp; 
tcbtype *tcb; 
addrtype address; 

/* 
* We are looking for a returned TCP packet inside this ICMP message. 
*/ 
tcp = ipv6_icmp_find_ulp(pak, NULL, IPPROTO_TCP); 
if (!tcp) { 
return (FALSE); 
} 

/* 
* Check that enough of the originating packet was returned 
* that we can correctly examine the tcp sport and dport. 
* We need everything up to (but not including) the "window" field. 
*/ 
if (ip->ip6_plen + IPV6_HEADERBYTES - 

((char *)tcp - (char *)pak->network_start) 

< FIELDOFFSET(tcptype, window)) { 

ICMPV6_DEBUG("Not enough data returned - dropping packet"); 
return (FALSE); 
} 

/* 
* Find a matching TCB. 
*/ 
ipv6_addrtype_create(&ip->ip6_src, &address); 
tcb = find_tcb(GETSHORT(&tcp->destinationport), GETSHORT(&tcp->sourceport), 


&address, NULL, FALSE, FALSE, 0); 
if (tcb) { 
if (icmp->icmp6_type == ICMP6_PACKET_TOO_BIG) { 
tcp_pmtu_response(tcb, icmp->icmp6_mtu); 

} else if (tcb->state != ESTAB && tcb->state != CLOSEWAIT) { 
/* 
* Throw away TCBs that applications either don't know 
* about or don't care anymore. 
*/ 
if ((tcb->flags & TCB_GENTCBS && tcb->state == SYNRCVD) &#0124;&#0124; 
tcb->flags & TCB_APP_CLOSED) { 
tcp_async_cleanup(tcb, UNREACHABLE); 
} else { 
/* 
* Application is expected to close the connection 
* upon notification of the state change. 
*/ 
tcp_deallocatetcb(tcb, UNREACHABLE); 
} 
} 
} 
retbuffer(pak); 
return (TRUE); 
}


Link Copied to Clipboard
Member Spotlight
Posts: 30
Joined: June 2002
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Crime 1
Ice 1
Dartur 1
Cyrez 1
Powered by UBB.threads™ PHP Forum Software 7.7.5