There are many ways a backdoor could be used in a properly secured system. To think otherwise is a huge mistake. I can think of several ways, if tasked and given the resources of a large gov't that I would attack this problem. To assume that those tasked and focused only this type of solution aren't even more capable would be foolhardy.
-jim On Mon, Dec 30, 2013 at 12:28 PM, Marco Teixeira <ad...@marcoteixeira.com>wrote: > Hi all, > > I've been watching this list for a couple weeks now and while risking > beeing flamed, i just wanted to say that any network professional that puts > any equipment into production without securing it against the kind of > issues mentioned so far (cisco/cisco, snmp private, etc) is negligent and > should be fired on the spot. > > These are not backdoor issues, NSA related, whatever... This is noise. > Trying to get this thread on track, can the original poster provide any > proof of this so called ability of the so called inteligence agency beeing > able to access cisco/juniper, taking into account that management access > has been correctly configured ? > > Regards > > -Marco > > > --- > Cumprimentos / Best regards > > Marco Teixeira > email/gtalk/msn: ad...@marcoteixeira.com > skype: admin-marcoteixeira.com > --- > Did you know that Marco Teixeira is an independent, industry expert, > senior > consultant ? His expertise is available for hire. > --- > > > On Mon, Dec 30, 2013 at 4:16 PM, Enno Rey <e...@ernw.de> wrote: > > > On Mon, Dec 30, 2013 at 04:03:07PM +0000, Dobbins, Roland wrote: > > > > > > On Dec 30, 2013, at 10:44 PM, <valdis.kletni...@vt.edu> < > > valdis.kletni...@vt.edu> wrote: > > > > > > > What percentage of Cisco gear that supports a CALEA lawful intercept > > mode is installed in situations where CALEA doesn't apply, and thus > there's > > a high likelyhood that said support is misconfigured and abusable without > > being noticed? > > > > > > AFAIK, it must be explicitly enabled in order to be functional. It > > isn't the sort of thing which is enabled by default, nor can it be > enabled > > without making explicit configuration changes. > > > > at least back in 2007 it could be enabled/configured by SNMP RW access > > [see slide 43 of the presentation referenced in this post > > > http://www.insinuator.net/2013/07/snmp-reflected-amplification-ddos-attacks/ > ] > > so knowing the term "private" m > > ight be enough to perform the task remotely. > > > > have a good one > > > > Enno > > > > > > > > > > > > > > ----------------------------------------------------------------------- > > > Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> > > > > > > Luck is the residue of opportunity and design. > > > > > > -- John Milton > > > > > > > > > > > -- > > Enno Rey > > > > ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de > > Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 > > > > Handelsregister Mannheim: HRB 337135 > > Geschaeftsfuehrer: Enno Rey > > > > ======================================================= > > Blog: www.insinuator.net || Conference: www.troopers.de > > ======================================================= > > > > >