nanog mailing list archives
Re: NSA able to compromise Cisco, Juniper, Huawei switches
From: Michael Thomas <mike () mtcc com>
Date: Mon, 30 Dec 2013 08:11:32 -0800
On 12/30/2013 08:03 AM, Dobbins, Roland wrote:
On Dec 30, 2013, at 10:44 PM, <Valdis.Kletnieks () vt edu> <Valdis.Kletnieks () vt edu> wrote:What percentage of Cisco gear that supports a CALEA lawful intercept mode is installed in situations where CALEA doesn't apply, and thus there's a high likelyhood that said support is misconfigured and abusable without being noticed?AFAIK, it must be explicitly enabled in order to be functional. It isn't the sort of thing which is enabled by default, nor can it be enabled without making explicit configuration changes.
Also, the way that things are integrated it's usually an explicit decision to pull a piece of functionality in rather than inheriting it. Product managers don't willingly want to waste time pulling things in that a) don't make them money, and b) require support. So I doubt very seriously that CALEA functionality is accidentally included into inappropriate things. Doubly so because of the performance
implications. Mike
Current thread:
- Re: NSA able to compromise Cisco, Juniper, Huawei switches, (continued)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Saku Ytti (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Shawn Wilson (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Saku Ytti (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Ray Soucy (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches shawn wilson (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Valdis . Kletnieks (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Michael Thomas (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Enno Rey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Sam Moats (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Ray Soucy (Dec 30)
- RE: NSA able to compromise Cisco, Juniper, Huawei switches Lorell Hathcock (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches shawn wilson (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Ray Soucy (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Sabri Berisha (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Shawn Wilson (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Saku Ytti (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)