[167914] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Tue Dec 31 15:42:58 2013
Date: Tue, 31 Dec 2013 12:42:25 -0800
From: Paul Ferguson <fergdawgster@mykolab.com>
To: nanog@nanog.org
In-Reply-To: <20131231.213352.41731731.sthaug@nethelp.no>
Reply-To: fergdawgster@mykolab.com
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/31/2013 12:33 PM, sthaug@nethelp.no wrote:
>> The best response I've seen to all this hype and I completely agree with
>> Scott:
>>
>> "Do ya think that you wouldn't also notice a drastic increase in
>> outbound traffic to begin with? It's fun to watch all the hype and
>> things like that, but to truly sit down and think about what it would
>> actually take to make something like this happen, especially on a
>> sustained and
>> "unnoticed" basis, is just asinine.
>
> A drastic increase, definitely. Smaller increases (say a couple of Mbps
> on a link normally carrying 100 Mbps or more), doubtful.
>
> It all depends on the volume of the information you're looking for.
>
More than you know.
As someone who has seen firsthand, in real time, an adversary exfiltrate
documents and other data out of an organization which he has gained
unauthorized internal access -- real professionals know how to blend in
with the noise & fly under the radar successfully.
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 2317)
Charset: utf-8
wj8DBQFSwywoq1pz9mNUZTMRAtFaAKDrbdnfnnPOP6G0DSRUxK4WmbtGhwCfRaQ/
V7MRFxg+dGwNKZgx4qK0Ogs=
=XiSA
-----END PGP SIGNATURE-----
--
Paul Ferguson
PGP Public Key ID: 0x63546533
