nanog mailing list archives
Re: NSA able to compromise Cisco, Juniper, Huawei switches
From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Tue, 31 Dec 2013 19:44:15 +0000
On Jan 1, 2014, at 2:34 AM, Jonathan Greenwood II <gwood83 () gmail com> wrote:
The best response I've seen to all this hype and I completely agree with Scott: "Do ya think that you wouldn't also notice a drastic increase in outbound traffic to begin with? It's fun to watch all the hype and things like that, but to truly sit down and think about what it would actually take to make something like this happen, especially on a sustained and "unnoticed" basis, is just asinine.
Hopefully, this drives home the importance of all the various BCPs like iACLs, isolated jump-off boxes for interactive access, config-file management, and network telemetry - including visibility into DCN/OOB traffic. There are open-source tools out there which can be used for these purposes. It doesn't require a lot of capex, mainly opex - i.e., elbow-grease. ----------------------------------------------------------------------- Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton
Current thread:
- RE: NSA able to compromise Cisco, Juniper, Huawei switches, (continued)
- RE: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jeremy Bresley (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jeremy Bresley (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Clay Kossmeyer (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Sharif Torpis (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Florian Weimer (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jonathan Greenwood II (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches sthaug (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Paul Ferguson (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 31)
- RE: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Florian Weimer (Dec 31)