Re: IOS Rookit: the sky isn't falling (yet)

["Kevin Oberman" <oberman () es net>]

> Date: Tue, 27 May 2008 15:46:34 -0400 (EDT)
> From: Sean Donelan <sean () donelan com>
>
> On Tue, 27 May 2008, goemon () anime net wrote:
> > Are you buying directly from cisco or from resellers? If you are getting 
> > counterfeit hardware directly from cisco then I guess we have real problems.
>
> According to the FBI presentation, which may not be a reliable source
> for this topic, Cisco has very few "direct" customers.
>
> Even if you think you are ordering "direct" from Cisco, e.g. 
> www.cisco.com, the order seems to get forwarded to several primary Cisco 
> resellers and the hardware shipped via a reseller.  Even most resellers 
> buy their Cisco products from a primary reseller or a secondary reseller, 
> not direct from Cisco.
>
> The FBI presentation did note that a few US Cisco customers, such as some 
> unnamed large US telcos and unnamed intelligence agencies, do order and 
> ship directly from Cisco.

A lot of folks order from  a reseller and Cisco  ships directly. This is
true for  many section 8a  resellers when selling to organizations under
those purchasing mandates...anyone spending  federal $$$. I suspect some
states have similar requirements. (Section 8a gives preference to small,
minority owned, and disadvantaged businesses.)

In any case, the reseller never sees this equipment. I am unclear on how
common this is in the non-8a part of the world, but I suspect a lot of
folks get their stuff direct from Cisco (or Juniper, for that matter),
even though they buy from a reseller, if they are buying bigger boxes
that small resellers are unlikely to stock.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman () es net                       Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751

Attachment: _bin
Description: