[163633] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: huawei

daemon@ATHENA.MIT.EDU (Nick Hilliard)
Thu Jun 13 13:58:36 2013

X-Envelope-To: nanog@nanog.org
Date: Thu, 13 Jun 2013 18:56:19 +0100
From: Nick Hilliard <nick@foobar.org>
To: Leo Bicknell <bicknell@ufp.org>
In-Reply-To: <33448B0E-AA52-4904-85EE-1DF2A7E3F8E8@ufp.org>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 13/06/2013 18:42, Leo Bicknell wrote:
> A hard coded backdoor password and username.

e.g.: http://www.phenoelit.org/dpl/dpl.html

Or alternatively if you want access to any huawei device with software
older than about a year ago:

http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdf

> A sequence of
> port-knocking that enables ssh on an alternate port with no ACL.

e.g.
> http://krebsonsecurity.com/2013/01/backdoors-found-in-barracuda-networks-gear/

There's no need to resort to malice to explain these problems when
alternative explanations exist.

Nick


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[163633] in North American Network Operators' Group

Re: huawei

daemon@ATHENA.MIT.EDU (Nick Hilliard)Thu Jun 13 13:58:36 2013

daemon@ATHENA.MIT.EDU (Nick Hilliard)
Thu Jun 13 13:58:36 2013