NSA able to compromise Cisco, Juniper, Huawei switches

[wbailey at satelliteintelligencegroup.com (Warren Bailey)]

+1

NSA states very clearly this is baked in and ?widely deployed?. Either
Cisco is not very happy with their government overlords today, or they are
having long meetings at those oversized conference tables trying to figure
out what to tell everyone. I?m curious about the implications to the US
DoD STIG?s that are put out, as I?m fairly sure they do not mention there
is a backdoor that anyone who knows how to knock can access.

My other question is.. How are they identifying unique ASA and PIX? Is
there a fingerprint mechanism that tells it what?s going on? I?d think
there would be quite a few admins out there with really weird syslog
entries??

Randy is right here.. Cisco has some ?splainin to do - we buy these
devices as ?security appliances?, not NSA rootkit gateways. I hope the .cn
guys don?t figure out what?s going on here, I?d imagine there are plenty
of ASA?s in the .gov infrastructures.

//warren

PS - I mentioned .cn specifically because of the Huawei aspect, in
addition to the fact that it has been widely publicized we are in a ?cyber
war? with them. 

On 12/31/13, 12:07 PM, "Randy Bush" <randy at psg.com> wrote:

>> There's a limit to what can reasonably be called a *product*
>> vulnerability.
>
>right.  if the product was wearing a low-cut blouse and a short skirt,
>it's not.
>
>it's weasel words (excuse the idiom).  shoveling kitty litter over a big
>steaming pile.
>
>let me insert a second advert for jake's 30c3 preso,
>https://www.youtube.com/watch?v=b0w36GAyZIA
>
>randy
>