Home page logo
/

nanog logo nanog mailing list archives

Re: Cisco, haven't we learned anything? (technician reset)
From: "Fergie" <fergdawg () netzero net>
Date: Thu, 12 Jan 2006 16:05:06 GMT


Very good points, BTW.

And these are certainly factors which, I'm sure, other
companies are also susceptible. :-)

- ferg


-- Hank Nussbacher <hank () efes iucc ac il> wrote:

[re: http://www.cisco.com/en/US/products/products_security_advisory09186a00805e3234.shtml]

[snip]

Cisco acquired Protego in Dec 2004 and thereby acquired MARS:
http://www.infoworld.com/article/04/12/20/HNciscoprotego_1.html

Cisco didn't put it in there - they bought the bug for $65M. :-)

[snip]

I think Cisco just doesn't check the product closely enough and trusts the
R&D coders and doesn't introduce an external security QA to the product
being purchased.

-Hank

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault