NSA able to compromise Cisco, Juniper, Huawei switches

Sam Moats sam at circlenet.us
Mon Dec 30 16:18:49 UTC 2013


This might be an interesting example of it's (mis)use.
http://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2%80%932005
Sam Moats

On 2013-12-30 11:16, Enno Rey wrote:
> On Mon, Dec 30, 2013 at 04:03:07PM +0000, Dobbins, Roland wrote:
>>
>> On Dec 30, 2013, at 10:44 PM, <Valdis.Kletnieks at vt.edu> 
>> <Valdis.Kletnieks at vt.edu> wrote:
>>
>> > What percentage of Cisco gear that supports a CALEA lawful 
>> intercept mode is installed in situations where CALEA doesn't apply, 
>> and thus there's a high likelyhood that said support is misconfigured 
>> and abusable without being noticed?
>>
>> AFAIK, it must be explicitly enabled in order to be functional.  It 
>> isn't the sort of thing which is enabled by default, nor can it be 
>> enabled without making explicit configuration changes.
>
> at least back in 2007 it could be enabled/configured by SNMP RW
> access [see slide 43 of the presentation referenced in this post
> 
> http://www.insinuator.net/2013/07/snmp-reflected-amplification-ddos-attacks/]
> so knowing the term "private" m
> ight be enough to perform the task remotely.
>
> have a good one
>
> Enno
>
>
>
>
>>
>> 
>> -----------------------------------------------------------------------
>> Roland Dobbins <rdobbins at arbor.net> // 
>> <http://www.arbornetworks.com>
>>
>> 	  Luck is the residue of opportunity and design.
>>
>> 		       -- John Milton
>>




More information about the NANOG mailing list