.

Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Fri Feb 05, 2010 4:39 pm

Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

I first found some FUD on Yahoo and decided to search for the technical write-up which I found on Dark Reading (http://www.darkreading.com/insiderthrea ... =222600993).  I also found Tom Cross' white paper (http://www.blackhat.com/presentations/b ... ept-wp.pdf) and PDF presentation (http://www.blackhat.com/presentations/b ... slides.pdf) from Black Hat this week.

Honestly, I do not believe that these back doors need to exist.  Let law enforcement agencies obtain data the old fashion way, through a warrant.

What say you?
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Fri Feb 05, 2010 4:59 pm

Re: Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

Fully agreed, and it goes to show that to have 'backdoors' available, they've now subjected their customers to further security risks and breaches.  I'd read some info on this one, the other day, but hadn't had time to dive in.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Fri Feb 05, 2010 5:45 pm

Re: Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

I may not be considering the big picture properly, but I would have to agree.  I am not sure why the backdoors are necessary.  Like unsupported said, a warrant will get you access to the webmail account.  To me, backdoors are always an afterthought or an oversight in any piece of software.  They are never properly considered during security implementation.
~~~~~~~~~~~~~~
Ketchup
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Sat Feb 06, 2010 9:50 am

Re: Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

I forgot to include a link to my favorite scene...

http://www.youtube.com/watch?v=ahcVp8vIicI
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Feb 08, 2010 10:25 am

Re: Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

Perfect.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

Bane

Post Sat Feb 13, 2010 1:45 am

Re: Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

There's currently some speculation that the recent google attack originating from china abused a law enforcement backdoor. I have yet to see any solid proof, but an interesting idea none the less.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Feb 15, 2010 4:13 pm

Re: Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

Or how about this article by Roger Grimes "Chinese government is innocent of cyber-attacks until proven guilty":

http://www.infoworld.com/d/security-cen ... guilty-994

Don
CISSP, MCSE, CSTA, Security+ SME
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Mon Feb 15, 2010 9:44 pm

Re: Black Hat: Exploits found in Cisco routers law enforcement "backdoors".

I'd hate to place all the blame on China, I mean, come on.  How hard is it to setup a netcat relay through China?  But no.. seriously, I blame them.  What if these "backdoors" are not for LEO, but put in place because they are knock-off Chinese routers.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP

Return to Hardware

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software