Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Cisco Releases bug details for Duke iPhone/Wireless issues
- Thread starter peterjhill
- Start date
- Sort by reaction score
Ahhh saw a reference to this on nanog.
Cisco et al tried to stay quiet about this....can't do that forever if it's a vulnerability I guess
Cisco et al tried to stay quiet about this....can't do that forever if it's a vulnerability I guess
Ahhh saw a reference to this on nanog.
Cisco et al tried to stay quiet about this....can't do that forever if it's a vulnerability I guess
Cisco did not treat this any differently than any other security advisory as far as I could see.
I meant duke and cisco in regards to the duke+wifi+iphone issues, not this security advisory in particular.
So can we assume Cisco and Duke were trying to hide a potential vulnerability in certain Cisco routers by blaming the iPhone?
Absolutely not. Unless your writing for the Quibbler. I've seen quite a few people trying to tie the Duke rape case to the wireless problem and trying to say that people are trying to cover things up. Some people will continue to say things like this and I doubt they can be reasoned with.
The iPhone is probably one of the first devices to implement RFC 4436. Otherwise known as "Detecting Network Attachment in IPv4" If you read the RFC, which is very interesting, a device when it attaches to a network it thinks it might have been attached to before and still has a valid DHCP lease, will send a unicast ARP to the default gateway.
On the Cisco networks, they were seeing what they saw as an unknown MAC address when the iPhone roamed to a new part of the wireless network with the same SSID. When it sent out the test ARP per the RFC, the wireless controller forwarded the ARP out all the interfaces as an unknown destination MAC address. The next controller got this same packet and did the same.. There are more details in the Cisco notice to explain how the amplification occurred.
So, the iPhone does not have a bug, it is definitely Cisco, but the problem was never seen before the iPhone due to it using the new RFC protocol. It is easy to understand how one could initially think the iPhone had a bug, since tracking down where in the network the amplification was occurring would be difficult due to the fact you are using the listening device (the AP) to snoop the traffic.
Got to go now, so need to cut this off here.
Cisco BLOG entry related to Duke/iPhone
Cisco BLOG entry related to Duke/iPhone
http://blogs.cisco.com/news/2007/07/cisco_duke_university_and_appl.html
Cisco BLOG entry related to Duke/iPhone
http://blogs.cisco.com/news/2007/07/cisco_duke_university_and_appl.html
I never said they covered this up.
I was merely noting the lack of information regarding the duke issue other than "it's fixed" until today's (yesterday, whatever) security advisory from Cisco.
Sorry, Janey, was not trying to imply that you meant that... A few other threads here and some other places were trying to say that Duke was trying to cover up after this event.
It seems that the fire has put itself out around this event now and we can all return to our normal lives.