NSA able to compromise Cisco, Juniper, Huawei switches

Warren Bailey wbailey at satelliteintelligencegroup.com
Tue Dec 31 19:16:18 UTC 2013


+1

NSA states very clearly this is baked in and ³widely deployed². Either
Cisco is not very happy with their government overlords today, or they are
having long meetings at those oversized conference tables trying to figure
out what to tell everyone. I¹m curious about the implications to the US
DoD STIG¹s that are put out, as I¹m fairly sure they do not mention there
is a backdoor that anyone who knows how to knock can access.

My other question is.. How are they identifying unique ASA and PIX? Is
there a fingerprint mechanism that tells it what¹s going on? I¹d think
there would be quite a few admins out there with really weird syslog
entries??

Randy is right here.. Cisco has some Œsplainin to do - we buy these
devices as ³security appliances², not NSA rootkit gateways. I hope the .cn
guys don¹t figure out what¹s going on here, I¹d imagine there are plenty
of ASA¹s in the .gov infrastructures.

//warren

PS - I mentioned .cn specifically because of the Huawei aspect, in
addition to the fact that it has been widely publicized we are in a ³cyber
war² with them. 

On 12/31/13, 12:07 PM, "Randy Bush" <randy at psg.com> wrote:

>> There's a limit to what can reasonably be called a *product*
>> vulnerability.
>
>right.  if the product was wearing a low-cut blouse and a short skirt,
>it's not.
>
>it's weasel words (excuse the idiom).  shoveling kitty litter over a big
>steaming pile.
>
>let me insert a second advert for jake's 30c3 preso,
>https://www.youtube.com/watch?v=b0w36GAyZIA
>
>randy
>




More information about the NANOG mailing list