[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NSA able to compromise Cisco, Juniper, Huawei switches

Subject: NSA able to compromise Cisco, Juniper, Huawei switches
From: erey at ernw.de (Enno Rey)
Date: Mon, 30 Dec 2013 17:16:36 +0100
In-reply-to: <[email protected]>
References: <CADb1SusoPKF0n0rhazJ0GKMLLQMh=-EL83ruzu6cyuoVp4L2jA@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CALFTrnNzUUzPf_Lmu8+fLcddpK9-Pknx89AfXcX--VN6d3u0sQ@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]>

On Mon, Dec 30, 2013 at 04:03:07PM +0000, Dobbins, Roland wrote:
> 
> On Dec 30, 2013, at 10:44 PM, <Valdis.Kletnieks at vt.edu> <Valdis.Kletnieks at vt.edu> wrote:
> 
> > What percentage of Cisco gear that supports a CALEA lawful intercept mode is installed in situations where CALEA doesn't apply, and thus there's a high likelyhood that said support is misconfigured and abusable without being noticed?
> 
> AFAIK, it must be explicitly enabled in order to be functional.  It isn't the sort of thing which is enabled by default, nor can it be enabled without making explicit configuration changes.

at least back in 2007 it could be enabled/configured by SNMP RW access [see slide 43 of the presentation referenced in this post http://www.insinuator.net/2013/07/snmp-reflected-amplification-ddos-attacks/] so knowing the term "private" m
ight be enough to perform the task remotely.

have a good one

Enno




> 
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
> 
> 	  Luck is the residue of opportunity and design.
> 
> 		       -- John Milton
> 



-- 
Enno Rey

ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 

Handelsregister Mannheim: HRB 337135
Geschaeftsfuehrer: Enno Rey

=======================================================
Blog: www.insinuator.net || Conference: www.troopers.de
=======================================================

Follow-Ups:
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: sam at circlenet.us (Sam Moats)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: admin at marcoteixeira.com (Marco Teixeira)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)

References:
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: stenrulz at gmail.com (sten rulz)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: saku at ytti.fi (Saku Ytti)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: ag4ve.us at gmail.com (Shawn Wilson)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: saku at ytti.fi (Saku Ytti)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rps at maine.edu (Ray Soucy)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)

Prev by Date: NSA able to compromise Cisco, Juniper, Huawei switches
Next by Date: NSA able to compromise Cisco, Juniper, Huawei switches
Previous by thread: NSA able to compromise Cisco, Juniper, Huawei switches
Next by thread: NSA able to compromise Cisco, Juniper, Huawei switches
Index(es):
- Date
- Thread