NSA able to compromise Cisco, Juniper, Huawei switches

• Previous message (by thread): NSA able to compromise Cisco, Juniper, Huawei switches
• Next message (by thread): Juniper SSL VPN
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On (2013-12-31 18:49 +0100), Enno Rey wrote:

> some approaches were discussed in 2010, by Graeme Neilson from NZ here:
> 
> https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS10_Netscreen_of_the_Dead_Graeme_Neilson.pdf
> 
> a later year, at the same conference, he gave a private session demonstrating basically the same stuff for JunOS, as ongoing (and, at the time, non-public) research.

If I read that correctly, it requires someone to install malicious code to the
box and won't persist if someone upgrades it later to non malicious code.

What the screenshot of NSA 'implant' says is persistently broken, through
malicious BIOS, which dynamically rewrites kernel in-memory post-boot.

The netscreen hack, is cute, but it's rather on the same difficulty level as
it is to build savegame editor for game.

-- 
  ++ytti

• Previous message (by thread): NSA able to compromise Cisco, Juniper, Huawei switches
• Next message (by thread): Juniper SSL VPN
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]