NSA able to compromise Cisco, Juniper, Huawei switches

Dobbins, Roland rdobbins at arbor.net
Tue Dec 31 02:05:08 UTC 2013

On Dec 31, 2013, at 12:00 AM, Ray Soucy <rps at maine.edu> wrote:

> So this isn't an issue of the NSA working with Cisco and Juniper to include back doors, it's an issue of the NSA modifying those releases after the fact though BIOS implants.

Yes, I see this now, thanks.

AFAICT, the Cisco boxes listed are ASAs and PIXes, which are essentially Linux PCs running a bunch of userland firewall stuff and which have BIOSes and so forth; they aren't routers/switches.  I don't know much about Juniper gear, but it appears that the Juniper boxes listed are similar in nature, albeit running FreeBSD underneath (correction welcome).  I know nothing at all about Huawei gear.

Compromising PCs with persistent malware/rootkits is pretty routine, so this isn't really surprising, IMHO.

Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

More information about the NANOG mailing list