NSA able to compromise Cisco, Juniper, Huawei switches

Paul Ferguson fergdawgster at mykolab.com
Tue Dec 31 20:42:25 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/31/2013 12:33 PM, sthaug at nethelp.no wrote:

 >> The best response I've seen to all this hype and I completely agree with
 >> Scott:
 >>
 >> "Do ya think that you wouldn't also notice a drastic increase in
 >> outbound traffic to begin with?  It's fun to watch all the hype and
 >> things like that, but to truly sit down and think about what it would
 >> actually take to make something like this happen, especially on a
 >> sustained and
 >> "unnoticed" basis, is just asinine.
 >
 > A drastic increase, definitely. Smaller increases (say a couple of Mbps
 > on a link normally carrying 100 Mbps or more), doubtful.
 >
 > It all depends on the volume of the information you're looking for.
 >

More than you know.

As someone who has seen firsthand, in real time, an adversary exfiltrate
documents and other data out of an organization which he has gained
unauthorized internal access -- real professionals know how to blend in
with the noise & fly under the radar successfully.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 2317)
Charset: utf-8

wj8DBQFSwywoq1pz9mNUZTMRAtFaAKDrbdnfnnPOP6G0DSRUxK4WmbtGhwCfRaQ/
V7MRFxg+dGwNKZgx4qK0Ogs=
=XiSA
-----END PGP SIGNATURE-----

-- 
Paul Ferguson
PGP Public Key ID: 0x63546533




More information about the NANOG mailing list