nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NSA able to compromise Cisco, Juniper, Huawei switches

From: Paul Ferguson <fergdawgster () mykolab com>
Date: Tue, 31 Dec 2013 12:42:25 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/31/2013 12:33 PM, sthaug () nethelp no wrote:

>> The best response I've seen to all this hype and I completely agree with
>> Scott:
>>
>> "Do ya think that you wouldn't also notice a drastic increase in
>> outbound traffic to begin with?  It's fun to watch all the hype and
>> things like that, but to truly sit down and think about what it would
>> actually take to make something like this happen, especially on a
>> sustained and
>> "unnoticed" basis, is just asinine.
>
> A drastic increase, definitely. Smaller increases (say a couple of Mbps
> on a link normally carrying 100 Mbps or more), doubtful.
>
> It all depends on the volume of the information you're looking for.
>

More than you know.

As someone who has seen firsthand, in real time, an adversary exfiltrate
documents and other data out of an organization which he has gained
unauthorized internal access -- real professionals know how to blend in
with the noise & fly under the radar successfully.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 2317)
Charset: utf-8

wj8DBQFSwywoq1pz9mNUZTMRAtFaAKDrbdnfnnPOP6G0DSRUxK4WmbtGhwCfRaQ/
V7MRFxg+dGwNKZgx4qK0Ogs=
=XiSA
-----END PGP SIGNATURE-----

--
Paul Ferguson
PGP Public Key ID: 0x63546533
Previous By Date Next
Previous By Thread Next

Current thread: