Cisco support has gone down the tubes. I remember calling sales and getting someone who actually could help. Now They are refusing to support Vista with my Pix firewall VPN, I need remote logon for my domain. (SBL) They did everything (including blaming Micrsoft) not to fix my problem. I would expect more out of Cisco then to make a client that only Half works for vista. No plans to make it right, very lame....

Cisco mainly positions its NAC appliance solution which is widely deployed and is a very reliable solution and not the NAC framework mentioned. If the hacking was truly done, how come they did not demo it? and how come they did not talk about other vendors?

Seeing is believing: anybody can talk and claim that they hacked any system and if there is no concrete proof and clear explanation of how testing was done and proper analysis and explanation of results, this information is simply worthless

Thanks for posting this video. I got to meet these guys at BH America and I have to say their work is amazing. The research and reverse engineering work alone seemed overwhelming and the hack was brilliant. Thanks for the vid.

An in all honesty, most (if not all) NAC technologies out there suffer from a similar type of flaw. As rightly said at the begining, you are asking an end-device for posture information, which quite frankly can be spoofed - in some cases easily, in other cases not so easily.

if this would be the only flaw on the cisco devices I would be the gladest man in the world.

Yer solid effort indeed. Smartasses :)

Great video guys!

I never saw anything but two guys talk, demo anyone?

Very intresting, I do a little bit of reverse engineering myself and it is a lenghty process.

So grats to these guys.