[167897] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Dec 31 13:59:18 2013
To: Sabri Berisha <sabri@cluecentral.net>
In-Reply-To: Your message of "Mon, 30 Dec 2013 19:38:12 -0800."
<1536002173.5096.1388461092319.JavaMail.zimbra@cluecentral.net>
From: Valdis.Kletnieks@vt.edu
Date: Tue, 31 Dec 2013 13:58:23 -0500
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1388516301_15173P
Content-Type: text/plain; charset=us-ascii
On Mon, 30 Dec 2013 19:38:12 -0800, Sabri Berisha said:
> However, attempting any of the limited attacks that I can think of would
> require expert-level knowledge of not just the overall architecture, but also
> of the microcode that runs on the specific PFE that the attacker would target,
Already solved problem, from back in the Internet Stone Age.
I remember seeing an exploit that asked you whether the target was
SunOS 3.2, patch 1, 2, or 3, and launched the correct attack for each. And
I can think of a lot of different ways to make the router cough up the
needed info (or you can just brute-force loop over all the options till
one works - leave the vendor support guy wondering why that line card
rebooted 5 time in an hour and then suddenly became rock solid again :)
--==_Exmh_1388516301_15173P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBUsMTzAdmEQWDXROgAQKuOBAAvj38CODHiAAJpuCAKE3uPaf+2RSXd8ae
TMwTYQL5v7BkHa3AwOTBipL62a0J1VuVHs+FgBROanWvOxmJuStPcPvjD1xUD9yw
53J3qGVuDJrW1razFxLM0kVuRzidED7/AcqxIZ7wKTXFPWEWhN8O9tXVl3Ker7vb
21YNql0QwfUfO5lCxfv34czJmvmKhI/f+EvKfweKMKhObXEBI1Kbyj3W6r+x7Won
C1pG2vXJqzkP7fLvypIbMHfUb58MGQsAJ67g8zTK6A+2bExqSJeK2ai3EREYNBlz
q0gB0V7ktJ8FmCKWHgz59GJnnKIKdctmeV+3Jl6cS4KMq8DrmAV3bPZ0x3AEFstZ
KhFG63ZESA9+g7YRu1v7+Hc5Ti4nKm5vt7h+wrK7IaA+u7WnEm+Pz+PF0gJ0TjFH
BXnAWYcRsd3/7/X4p0ptLk/lafiHVznPao1E6qB2N86IO4DO3g354yEQ5jgydixC
6i9k7I1vhSCh4OVwON/tLEXAEsHLTRdvTp/aN668bp+qFW69UlJFfCtlFJBUqIli
/d+d4j+nYbQ3FdQmwrwDDwBLubLBx9AunTkwKy6FVyFeSBEp1Dg0dyocmJWKtrhh
PKTAYO8/pbRB8VgNPJaTfvokbsWLl0k7c4joiDFuQMGSymHlXkwpQ+NiRf6nZBtg
CDc3pOkQB6c=
=RFJL
-----END PGP SIGNATURE-----
--==_Exmh_1388516301_15173P--
