Re: huawei

[Phil Fagan <philfagan () gmail com>]

This is a good point; unless your taping your traffic and examining it for
anything outside of the norm then would you ever see it? However, we are
talking transport protocols, no? I would certainly hope the OOB network was
monitored and controlled.

Hmm.....a network of clients/servers strategically located at Huewai POPS
with a sole pupose of creating sessions destined for control servers so as
to create the ability to inject payload into packets that are actually
destined for where you want the data to go.


On Thu, Jun 13, 2013 at 11:42 AM, Leo Bicknell <bicknell () ufp org> wrote:

> On Jun 13, 2013, at 11:35 AM, Patrick W. Gilmore <patrick () ianai net>
> wrote:
>
> > Also, I find it difficult to believe Hauwei has the ability to do DPI or
> something inside their box and still route at reasonable speeds is a bit
> silly. Perhaps they only duplicate packets based on source/dest IP address
> or something that is magically messaged from the mother ship, but I am
> dubious.
>
> This could be a latent, not used feature from _any_ vendor.
>
> A hard coded backdoor password and username.  A sequence of port-knocking
> that enables ssh on an alternate port with no ACL.  Logins through that
> mechanism not in syslog, not in the currently logged in user table, perhaps
> the process(es) hidden from view.
>
> Do we really trust Cisco and Juniper more than Hueawei? :)
>
> --
>        Leo Bicknell - bicknell () ufp org - CCIE 3440
>         PGP keys at http://www.ufp.org/~bicknell/


-- 
Phil Fagan
Denver, CO
970-480-7618