NSA able to compromise Cisco, Juniper, Huawei switches

Saku Ytti saku at ytti.fi
Tue Dec 31 18:48:43 UTC 2013


On (2013-12-31 18:49 +0100), Enno Rey wrote:

> some approaches were discussed in 2010, by Graeme Neilson from NZ here:
> 
> https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS10_Netscreen_of_the_Dead_Graeme_Neilson.pdf
> 
> a later year, at the same conference, he gave a private session demonstrating basically the same stuff for JunOS, as ongoing (and, at the time, non-public) research.

If I read that correctly, it requires someone to install malicious code to the
box and won't persist if someone upgrades it later to non malicious code.

What the screenshot of NSA 'implant' says is persistently broken, through
malicious BIOS, which dynamically rewrites kernel in-memory post-boot.

The netscreen hack, is cute, but it's rather on the same difficulty level as
it is to build savegame editor for game.

-- 
  ++ytti



More information about the NANOG mailing list