Re: NSA able to compromise Cisco, Juniper, Huawei switches

[jim deleskie <deleskie () gmail com>]

There are many ways a backdoor could be used in a properly secured system.
  To think otherwise is a huge mistake.  I can think of several ways, if
tasked and given the resources of a large gov't that I would attack this
problem.  To assume that those tasked and focused only this type of
solution aren't even more capable would be foolhardy.


-jim


On Mon, Dec 30, 2013 at 12:28 PM, Marco Teixeira <admin () marcoteixeira com>wrote:

> Hi all,
>
> I've been watching this list for a couple weeks now and while risking
> beeing flamed, i just wanted to say that any network professional that puts
> any equipment into production without securing it against the kind of
> issues mentioned so far (cisco/cisco, snmp private, etc) is negligent and
> should be fired on the spot.
>
> These are not backdoor issues, NSA related, whatever... This is noise.
> Trying to get this thread on track, can the original poster provide any
> proof of this so called ability of the so called inteligence agency beeing
> able to access cisco/juniper, taking into account that management access
> has been correctly configured ?
>
> Regards
>
> -Marco
>
>
> ---
> Cumprimentos / Best regards
>
> Marco Teixeira
> email/gtalk/msn: admin () marcoteixeira com
> skype: admin-marcoteixeira.com
> ---
> Did you know that Marco Teixeira is an independent,  industry expert,
> senior
> consultant ? His expertise is available for hire.
> ---
>
>
> On Mon, Dec 30, 2013 at 4:16 PM, Enno Rey <erey () ernw de> wrote:
>
> > On Mon, Dec 30, 2013 at 04:03:07PM +0000, Dobbins, Roland wrote:
> > > On Dec 30, 2013, at 10:44 PM, <Valdis.Kletnieks () vt edu> <
> > Valdis.Kletnieks () vt edu> wrote:
> > > > What percentage of Cisco gear that supports a CALEA lawful intercept
> > mode is installed in situations where CALEA doesn't apply, and thus
> there's
> > a high likelyhood that said support is misconfigured and abusable without
> > being noticed?
> > > AFAIK, it must be explicitly enabled in order to be functional.  It
> > isn't the sort of thing which is enabled by default, nor can it be
> enabled
> > without making explicit configuration changes.
> >
> > at least back in 2007 it could be enabled/configured by SNMP RW access
> > [see slide 43 of the presentation referenced in this post
> http://www.insinuator.net/2013/07/snmp-reflected-amplification-ddos-attacks/
> ]
> > so knowing the term "private" m
> > ight be enough to perform the task remotely.
> >
> > have a good one
> >
> > Enno
> >
> >
> >
> >
> > > -----------------------------------------------------------------------
> > > Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>
> > >
> > >         Luck is the residue of opportunity and design.
> > >
> > >                      -- John Milton
> >
> >
> >
> > --
> > Enno Rey
> >
> > ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
> > Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902
> >
> > Handelsregister Mannheim: HRB 337135
> > Geschaeftsfuehrer: Enno Rey
> >
> > =======================================================
> > Blog: www.insinuator.net || Conference: www.troopers.de
> > =======================================================