Cisco Blogs

Cisco Blog > TechWiseTV

Security Questions

What a fantastic show last week – “Crime Still Pays” featuring Patrick Peterson and Kevin Kennedy taped LIVE from the RSA 2009 show. (You can catch the recording right now with no waiting). We had questions and some consistency with ‘requests for clarification’ that I promised we would follow up on in the blog here. Several people inquired about a tool that Jimmy Ray referred to in rather loving fashion…it was ‘Maltego’ – an open source forensics application that can assist in drawing out hard to define relationships. * * * * * *Another common question we received was around MD6. What is it? In a nutshell…its new cryptography that although it had not had time to make it into any real products yet…it was already being used in Conficker B. This fact, plus the speed in which it was updated is fascinating. Here is a great explanation straight from the SRI International Analysis under the ‘implications of Variant C:In evaluating this mechanism, we find that the Conficker authors have devised a sophisticated encryption protocol that is generally robust to direct attack. All three crypto-systems employed by Conficker’s authors (RC4, RSA, and MD-6) also have one underlying commonality. They were all produced by Dr. Ron Rivest of MIT. Furthermore, the use of MD-6 is a particularly unusual algorithm selection, as it represents the latest encryption hash algorithm produced to date. The discovery of MD-6 in Conficker B is indeed highly unusual given Conficker’s own development time line. We date the creation of Conficker A to have occurred in October 2008, roughly the same time frame that MD-6 had been publicly released by Dr. Rivest (see While A employed SHA-1, we can now confirm that MD-6 had been integrated into Conficker B by late December 2008 (i.e., the authors chose to incorporate a hash algorithm that had literally been made publicly available only a few weeks earlier).Unfortunately for the Conficker authors, by mid-January, Dr. Rivest’s group submitted a revised version of the MD-6 algorithm, as a buffer overflow had been discovered in its implementation. This revision was inserted quietly, followed later by a more visible public announcement of the buffer overflow on 19 February 2009, with the release of the Fortify report ( We confirmed that this buffer overflow was present in the Conficker B implementations. However, we also confirmed that this buffer overflow was not exploitable as a means to take control of Conficker hosts. Nevertheless, the Conficker developers were obviously aware of these developments, as they have now repaired their MD-6 implementation in Conficker C, using the identical fix made by Dr. Rivest’s group. Clearly the authors are aware of, and adept at understanding and incorporating, the latest cryptographic advances, and are actively monitoring the latest developments in this community.* * * * * * iACL’s or ‘Infrastructure ACL’s’ were also a hot topic in this show. Read More »

Network Testing Reaches Breaking Point

Jimmy Ray caught up with Phil Trainor from BreakingPoint while at the RSA Conference…and then I happended to sit next to Kyle Flaherty, their Marketing Director on the plane ride home…(they are based in Austin, TX). Chance? I think not – shrewed marketers who realize that we have easy access to at lest 12 to 15 geeks…. Are you familiar with them? Jimmy Ray loves them and as you will see gives them high marks for their blog. technology. Great Guys. Texans. What more do you need?

Episode 45 – Crime Still Pays – Show Notes


 This show airs on Thursday, May 21 @ 10 AM PST.Register Now!Check out the preview:


 One of the first things you may notice about this show is that we did it 100% at the RSA conference…that is new for us and I was initially concerned about our ability to deliver the detail we would normally. It was certainly different, I could not always hear, Jimmy Ray and I juggle a bit physically with guests on the stage – but I really liked that JR could work with the plasma and physically walk us through what he was speaking to.  It really makes me want to push harder on how we can improve our whiteboarding technology on the show.  I think Valerie St. John did an outstanding job with her usual ‘classing up.’

Don’t miss Jimmy Ray’s Hands on Security Workshop Schedule for June 4

So what all did we/will we cover? Read More »

Switching Kitchen

There relatively few things that Jimmy Ray enjoys more than fishing. He LOVES anything having to do with routing and switching. Switching Kitchen is a great concept from one of our sister marketing teams on the switching side – Victoria Sanchez and Rob Sloan on that team have created the concept and pushed it through. Reminds me of a deluxe version of Jimmy Ray’s popular ‘Turn It On’ segments that he did with Jog Mahal. These are fantastic bite sized (pun intended?) morsels of networking wisdom delivered in a very entertaining fashion. You really must check these out– very impressive. I know JR is having a great time making these….what subjects would you like to see him hit? Let us know….

Big Event Marketing – Taking it to the Next Level

imageWe are almost at the 3 year mark for TechWIseTV and Jimmy Ray and I could not be more surprised. There is always the very real fear that when you embark upon a program like we did that you risk getting into something that may not last. Good ideas come and go and marketing teams can often be guilty of chasing the shiny ‘next thing.’ To the credit of the people that created our team and the perserverance of a great group of people behind the scenes who have helped to track and continually improve our ROI…we not only remain an active team but we are still growing and pushing. International expansion is the biggest new focus we scramble to provide demand marketing services to our top 13 foreign markets in a way that not only scales our expertise but does so in a complimentary and familiar way so we are not simply forcing them to listen to these two Southerners talk tech. More on this in later posts.The point of this entry today – what can or should be done next? The international expansion is largely a challenge of distribution, localization and buy-in. The team behind us is doing a good job with this. Jimmy Ray and I are forever concerned with not getting stale. We have a good rhythm right now producing almost 50 shows…but I don’t want that gentle rhythm to get too comfortable. One thing both of us miss…and it was highlighted with the success of our appearance at RSA last week is the energy of a live audience. Working with cameras has and continues to be a great development skill. But we miss being in front of and being able to interact with people. It took me 3 years to slowly convince our security marketing team to let us ‘run the stage’ on the expo floor – last week we finally got to do it. Although the experience taught me a few things that I want to do differently…I think it was very successful. RSA was a blast – JR and I LOVE security… but the big show for us (especially based on our audience focus) is CiscoLive! (formerly Networkers).Why do we love CiscoLive? Read More »