[167803] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Sam Moats)
Mon Dec 30 11:24:35 2013
To: <nanog@nanog.org>
Date: Mon, 30 Dec 2013 11:18:49 -0500
From: Sam Moats <sam@circlenet.us>
Mail-Reply-To: <sam@circlenet.us>
In-Reply-To: <20131230161635.GA16611@ernw.de>
Reply-To: sam@circlenet.us
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This might be an interesting example of it's (mis)use.
http://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2%80%932005
Sam Moats
On 2013-12-30 11:16, Enno Rey wrote:
> On Mon, Dec 30, 2013 at 04:03:07PM +0000, Dobbins, Roland wrote:
>>
>> On Dec 30, 2013, at 10:44 PM, <Valdis.Kletnieks@vt.edu>
>> <Valdis.Kletnieks@vt.edu> wrote:
>>
>> > What percentage of Cisco gear that supports a CALEA lawful
>> intercept mode is installed in situations where CALEA doesn't apply,
>> and thus there's a high likelyhood that said support is misconfigured
>> and abusable without being noticed?
>>
>> AFAIK, it must be explicitly enabled in order to be functional. It
>> isn't the sort of thing which is enabled by default, nor can it be
>> enabled without making explicit configuration changes.
>
> at least back in 2007 it could be enabled/configured by SNMP RW
> access [see slide 43 of the presentation referenced in this post
>
> http://www.insinuator.net/2013/07/snmp-reflected-amplification-ddos-attacks/]
> so knowing the term "private" m
> ight be enough to perform the task remotely.
>
> have a good one
>
> Enno
>
>
>
>
>>
>>
>> -----------------------------------------------------------------------
>> Roland Dobbins <rdobbins@arbor.net> //
>> <http://www.arbornetworks.com>
>>
>> Luck is the residue of opportunity and design.
>>
>> -- John Milton
>>
