[167801] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Enno Rey)
Mon Dec 30 11:18:14 2013
Date: Mon, 30 Dec 2013 17:16:36 +0100
From: Enno Rey <erey@ernw.de>
To: nanog@nanog.org
In-Reply-To: <9B3DCE32-A71C-4DD1-8B63-2FCE83A5F520@arbor.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Dec 30, 2013 at 04:03:07PM +0000, Dobbins, Roland wrote:
>
> On Dec 30, 2013, at 10:44 PM, <Valdis.Kletnieks@vt.edu> <Valdis.Kletnieks@vt.edu> wrote:
>
> > What percentage of Cisco gear that supports a CALEA lawful intercept mode is installed in situations where CALEA doesn't apply, and thus there's a high likelyhood that said support is misconfigured and abusable without being noticed?
>
> AFAIK, it must be explicitly enabled in order to be functional. It isn't the sort of thing which is enabled by default, nor can it be enabled without making explicit configuration changes.
at least back in 2007 it could be enabled/configured by SNMP RW access [see slide 43 of the presentation referenced in this post http://www.insinuator.net/2013/07/snmp-reflected-amplification-ddos-attacks/] so knowing the term "private" m
ight be enough to perform the task remotely.
have a good one
Enno
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>
> Luck is the residue of opportunity and design.
>
> -- John Milton
>
--
Enno Rey
ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902
Handelsregister Mannheim: HRB 337135
Geschaeftsfuehrer: Enno Rey
=======================================================
Blog: www.insinuator.net || Conference: www.troopers.de
=======================================================
