One can only imagine what raced through Michael Lynn's mind the penultimate moment before he saved or sacrificed our nation's critical infrastructure, depending on your take of the researcher's Black Hat Briefings presentation this week.

Lynn's the guy who quit his job at Atlanta-based Internet Security Systems Inc. and defied legal threats from Cisco Systems Inc. to divulge (without much detail) how he reverse-engineered Cisco's Internetwork Operating System [IOS] software to exploit a known flaw in the networking giant's routers. He and Black Hat conference founder Jeff Moss are now off the legal hook, with the two men and two companies having reached an accord late Thursday.

But what happened, and why, continues to confound the security community. Initially, ISS consented for Lynn, then with its X-Force research team, to discuss his findings at the annual Las Vegas conference, especially given a patch to prevent the attack had been out for three months. ISS apparently had been working with Cisco on this problem for at least that long. Then Cisco got involved, belatedly, and deployed staff to cut Lynn's PowerPoint pages from 2,300 conference handbooks. Wednesday it issued a restraining order against Black Hat organizers and Lynn. On Thursday, Cisco distributed abridged CDs of proceedings to 2,500 conventioneers.

"Considering how important Cisco routers are to the Internet, I can somewhat understand their concerns," Steve Fletcher, a security specialist for a security consulting firm in central Illinois, said in an e-mail exchange. "However, I believe they went to extremes, considering that a patch is supposedly available."

The link for this article located at SearchSecurity is no longer available.