Re: Huawei on Mount Everest

On 01/05/2020 19:13, Eric Tykwinski wrote: > how the hell are they going to get power up there for dependability. > Solar power sure is a great option, but I was under the assumption > that repairs will be hell to put it bluntly. > Batteries in that cold of a climate is also a regular trip. which >

RE: Huawei on Mount Everest

Gould >Cc: John Levine ; nanog@nanog.org >Subject: Re: Huawei on Mount Everest > >Honestly, being an amateur rock climber, I’m in the same boat, but how >the hell are they going to get power up there for dependability. >Solar power sure is a great option, but I was under the assumptio

Re: Huawei on Mount Everest

> > > >https://telecoms.com/504051/huawei-and-china-mobile-stick-a-5g-base-station-on-mount-everest/ > > > >Why dont we leave the Everest alone? OTOH, we can now have tiktok > >videos and latest instagram posts from the summit. > > Given how dangerous the ascent

Re: Huawei on Mount Everest

On May 1, 2020, at 11:07 AM, Aaron Gould wrote: > You made me curious... > > https://en.wikipedia.org/wiki/List_of_people_who_died_climbing_Mount_Everest > > wow, I guess it would be great to be able to use cell/gps technology to > communicate with and track a lost/endangered climber Depending

Re: Huawei on Mount Everest

On Fri, May 1, 2020 at 11:01 AM John Levine wrote: > Given how dangerous the ascent is, I would think it would be a good > thing for climbers to be able to check in and say whether they are OK. Hi John, Climbers who care rent or buy satphones and beacons. They're mostly based on low earth orbit

Re: Huawei on Mount Everest

t; Sent: Friday, May 1, 2020 12:58 PM > To: nanog@nanog.org > Subject: Re: Huawei on Mount Everest > > In article > you > write: >> -=-=-=-=-=- >> >> https://telecoms.com/504051/huawei-and-china-mobile-stick-a-5g-base-station-on-mount-everest/ >> >&

RE: Huawei on Mount Everest

=gvtc@nanog.org] On Behalf Of John Levine Sent: Friday, May 1, 2020 12:58 PM To: nanog@nanog.org Subject: Re: Huawei on Mount Everest In article you write: >-=-=-=-=-=- > >https://telecoms.com/504051/huawei-and-china-mobile-stick-a-5g-base-station-on-mount-everest/ > >Why do

Re: Huawei on Mount Everest

In article you write: >-=-=-=-=-=- > >https://telecoms.com/504051/huawei-and-china-mobile-stick-a-5g-base-station-on-mount-everest/ > >Why dont we leave the Everest alone? OTOH, we can now have tiktok >videos and latest instagram posts from the summit. Given how dangerous the

Re: Huawei on Mount Everest

On Fri, May 1, 2020 at 7:20 AM Glen Kent wrote: > > https://telecoms.com/504051/huawei-and-china-mobile-stick-a-5g-base-station-on-mount-everest/ > > Why dont we leave the Everest alone? OTOH, we can now have tiktok videos and > latest instagram posts from the summit. > >

Huawei on Mount Everest

https://telecoms.com/504051/huawei-and-china-mobile-stick-a-5g-base-station-on-mount-everest/ Why dont we leave the Everest alone? OTOH, we can now have tiktok videos and latest instagram posts from the summit. Yippe. Just when you think things cant get worse, they sink deeper.

Re: China Showdown Huawei vs ZTE

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10819 https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-cpcp https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-

Re: China Showdown Huawei vs ZTE

https://www.theregister.co.uk/2018/04/26/hyperoptics_zte_routers/ yet another ZTE issue . :( alan

Re: China Showdown Huawei vs ZTE

On 24 April 2018 at 21:45, Naslund, Steve wrote: Hey, > The US Government considers Huawei and ZTE to have "close ties" to the > Chinese government according to the Director of National Intelligence along > with the heads of CIA, FBI, and the NSA as stated in testimony b

RE: China Showdown Huawei vs ZTE

>I'm sure all these companies have legal entities in all countries the operate >in. So Huawei in US is US company and Huawei products bought in US from US >Huawei are good,. but bad >when bought from Huawei China? IANAL however I was a network engineer for the US Air Force f

Re: China Showdown Huawei vs ZTE

Hey Aaron, > Excuse my lack of knowledge... What does this mean? "Shareholders are people > holding Vanguard/Blackrock." Funds which are largest owners of Cisco shares. -- ++ytti

Re: China Showdown Huawei vs ZTE

Excuse my lack of knowledge... What does this mean? "Shareholders are people holding Vanguard/Blackrock." Aaron > On Apr 24, 2018, at 10:31 AM, Saku Ytti wrote: > > Shareholders are people holding Vanguard/Blackrock.

RE: China Showdown Huawei vs ZTE

-Original Message- >From: NANOG On Behalf Of Saku Ytti >Sent: Tuesday, April 24, 2018 11:59 AM >To: Naslund, Steve >Cc: nanog@nanog.org >Subject: Re: China Showdown Huawei vs ZTE >On 24 April 2018 at 19:50, Naslund, Steve wrote: >> Easy one, what law is the co

Re: China Showdown Huawei vs ZTE

ast be held > accountable (by their markets) when they get caught. I'm sure all these companies have legal entities in all countries the operate in. So Huawei in US is US company and Huawei products bought in US from US Huawei are good,. but bad when bought from Huawei China? -- ++ytti

RE: China Showdown Huawei vs ZTE

> > > Yes looks like they are both under pressure. I feel bad for the USA based > > employees. I know Huawei has quite a few in Plano, Texas. > > Feel sorry for US based consumers. Historically protectionism always > hurts the local economy most. By creating artificial de

Re: China Showdown Huawei vs ZTE

> employees. I know Huawei has quite a few in Plano, Texas. > > Feel sorry for US based consumers. Historically protectionism always > hurts the local economy most. By creating artificial demand on local > products, over time local products become uncompetitive for export. > >

Re: China Showdown Huawei vs ZTE

On 20 April 2018 at 16:44, Colton Conor wrote: > Yes looks like they are both under pressure. I feel bad for the USA based > employees. I know Huawei has quite a few in Plano, Texas. Feel sorry for US based consumers. Historically protectionism always hurts the local economy most. By cr

RE: China Showdown Huawei vs ZTE

: China Showdown Huawei vs ZTE Josh, I like the whitebox route, but I can't find anything that will come close price wise. Example, Huawei S6720 with 24 10G ports, 2 40G ports, and full MPLS operating system from Huawei is $3500 out the door with a lifetime warranty. I can't even find

Re: China Showdown Huawei vs ZTE

Yes looks like they are both under pressure. I feel bad for the USA based employees. I know Huawei has quite a few in Plano, Texas. With both ZTE and Huawei out of the picture for USA operators, who is the low cost leader in this space then? On Fri, Apr 20, 2018 at 7:56 AM, STARNES, CURTIS

RE: China Showdown Huawei vs ZTE

Same for Huawei. https://www.theverge.com/2018/3/26/17164226/fcc-proposal-huawei-zte-us-networks-national-security https://www.forbes.com/sites/jeanbaptiste/2018/04/19/analyst-chinas-huawei-to-quit-u-s-market/#194f570211cb https://www.nytimes.com/2018/04/17/technology/huawei-trade-war.html I

Re: China Showdown Huawei vs ZTE

Josh, I like the whitebox route, but I can't find anything that will come close price wise. Example, Huawei S6720 with 24 10G ports, 2 40G ports, and full MPLS operating system from Huawei is $3500 out the door with a lifetime warranty. I can't even find a whitebox hardware, not even

Re: China Showdown Huawei vs ZTE

er network operating system? Huawei is much larger that ZTE is my understanding, but larger does not always mean better. Both of these manufactures have switches and routers. I doubt we will use their routing products anytime soon, but the switching products with MPLS are w

Re: China Showdown Huawei vs ZTE

Why not just go the whitebox route and pick your NOS of choice? Far cheaper, and far more flexible. On Fri, Apr 20, 2018, 7:28 AM Colton Conor wrote: > Of the two large Chinese Vendors, which has the better network operating > system? Huawei is much larger that ZTE is my understandin

China Showdown Huawei vs ZTE

Of the two large Chinese Vendors, which has the better network operating system? Huawei is much larger that ZTE is my understanding, but larger does not always mean better. Both of these manufactures have switches and routers. I doubt we will use their routing products anytime soon, but the

Re: Unable to assign an IP address to the sub-interface in Huawei S6720

Hi Carlos Thank you for the response. It's not working for me: display version Huawei Versatile Routing Platform Software VRP (R) software, Version 5.160 (S6720 V200R008C00SPC500) Copyright (C) 2000-2015 HUAWEI TECH CO., LTD HUAWEI S6720-30C-EI-24S-AC Routing Switch uptime is 36 weeks, 6 da

Unable to assign an IP address to the sub-interface in Huawei S6720

rl=http%3A%2F%2Fsupport.huawei.com%2Fenterprise%2Fbr%2Fdoc%2FDOC1000112303&userId=948086&signature=7608d90d5dd77e0c> but dont work. Says "Error: Unrecognized command found at '^' position" in ip address command. Has anyone managed to configure sub-interface on the Huawei S6720 switch? -- Att Josivan Barbosa

Huawei NE

Hi All, Does anyone have any experiences with the Huawei NE platform in a service provider environment they can share? Private message is fine. I am comparing against Cisco ASR & Juniper MX. Regards, Mitchell T. Lewis mle...@techcompute.net |203-816-0371 PGP Fingerp

HUAWEI S6700 - VLANIF MAC ADDRESS

Hi all I have a Huawei S6700 and each vlanif has a different mac. Is there any way so that all vlanifs have the same mac address? In brocades switches, for example, all ports have the same mac. Thanks. Josivan Barbosa

Re: Huawei and ZTE Routers

You could try cross posting to UKNOG since BT use Huawei in their DSLAMs. http://lists.uknof.org.uk/cgi-bin/mailman/listinfo/uknof/ On 7 May 2015 21:18, "ML" wrote: > On 5/7/2015 2:25 PM, Daniel Corbe wrote: > >> Colton Conor writes: >> >> The other thread ab

Re: Huawei and ZTE Routers

Alcatel-Lucent into the mix. ZTE and Huawei, the big chinese vendors, have also been mentioned to us. I know there are large national security issues with using these vendors in the US, but I know Level3 and other large American vendors use Huawei and ZTE in their networks. How do their products

Re: Huawei and ZTE Routers

into the mix. > > ZTE and Huawei, the big chinese vendors, have also been mentioned to us. I > know there are large national security issues with using these vendors in > the US, but I know Level3 and other large American vendors use Huawei and > ZTE in their networks. > > How do the

Huawei and ZTE Routers

The other thread about the Alcatel-Lucent routers has been pleasantly delightful. Our organization used to believe that Juniper, Cisco, and Brocade were the only true vendors for carrier grade routing, but now we are going to throw Alcatel-Lucent into the mix. ZTE and Huawei, the big chinese

Re: Huawei Atom Router

To be fair, they've fixed one of the big concerns that were raised with them a couple of years ago: google for huawei + psirt now actually returns usable results. No idea how well the interface with them works when you're actually trying to report a vulnerability (maybe someone ca

Re: Huawei Atom Router

Was more a statement of fact. As if it was warranted. I do not know. - Alain Hebertaheb...@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.netFax: 514-99

Re: Huawei Atom Router

> And a bunch of ban's around Oct 2013 from a wide variety of > countries... you mean fear of implants as there are in cisco products?

Re: Huawei Atom Router

Huawei has sales personal in the US and does sell here. See http://huawei.com/us/about-huawei/contact-us/index.htm And for a more recent Huawei management statement, see http://usa.chinadaily.com.cn/epaper/2014-04/28/content_17470474.htm "Huawei executive says it still seeks US sales&quo

Re: Huawei Atom Router

Well, Wasn't the Huawei CEO that stated that they where not interested into the US market. ( And by proxy ... the Canadian one ) http://www.theregister.co.uk/2013/04/23/huawei_not_interested_in_us/ And a bunch of ban's around Oct 2013 from a wide variety of

Huawei Atom Router

Has anyone seen/touched Huawei's Atom Router? It was announced at the Mobile World Congress 2014.. haven't seen anything on the Interweb since. I'd be interested in getting one or two units to play in my lab! http://www.huawei.com/mwc2014/en/articles/hw-328011.htm Eric

DHCP Server ACS Parameters on Huawei 5300 and 5600 DSLAM

Hello Everybody, Does any body has experience about running DHCP Server on Huawei DSLAMs? We wanna run TR069 on our network, We need a DHCP server to pass ACS parameters. Like ACS URL, ACS Username and Password. Thanks -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Thu, Jan 2, 2014 at 10:01 AM, Saku Ytti wrote: > On (2014-01-01 23:51 +0200), Eugeniu Patrascu wrote: > > > > Is this legal? Can NSA walk in to US based company and legally coerce > to > > > install such backdoor? If not, what is the incentive for private > company to > > > cooperate? > > > >

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On (2014-01-01 23:51 +0200), Eugeniu Patrascu wrote: > > Is this legal? Can NSA walk in to US based company and legally coerce to > > install such backdoor? If not, what is the incentive for private company to > > cooperate? > > > > As you might have seen from the beginning of time, people in pow

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Wed, Jan 1, 2014 at 11:55 AM, Saku Ytti wrote: > On (2013-12-31 23:04 +), Warren Bailey wrote: > > > that RSA had a check cut for their participation (sell outs..), would it > > be out of the realm of possibility cisco knowingly placed this into their > > product line? And would it be thei

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Wed, Jan 1, 2014 at 3:55 AM, Saku Ytti wrote: > Is this legal? Can NSA walk in to US based company and legally coerce to > install such backdoor? If not, what is the incentive for private company to > cooperate? > As evidenced by "Lavabit"; apparently, one thing that they CAN do is issue an

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Wed, 01 Jan 2014 11:55:37 +0200, Saku Ytti said: > Is this legal? Can NSA walk in to US based company and legally coerce to > install such backdoor? Well, legal or not... we will probably never know exactly what was said, but apparently the NSA was able to convince/coerce many of the 800 pound

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Warren Bailey > I find it insanely difficult to believe cisco systems has a backdoor > into some of their product lines with no knowledge or participation. actually, i suspect a mix of both, the usg encouraging calea gone bad (while committing to bad-mouth huawei), and the TAO crew deve

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Thank you Randy for pointing that out. However take into account the NANOG list is moderated, and my comment was delayed for moderation. I was commenting on posts about trivial things, before that nice post with nice codenames. A good year to all. May this be a smoother year to you all that have s

Re: NSA able to compromise Cisco, Juniper, Huawei switches

> If legal, consider risk to NSA. Official product ran inside company to add > requested feature, hundred of people aware of it. Seems both expensive to > order such feature and almost guaranteed to be exposed by some of the > employees. > > Alternative method is to presume all software is insecur

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On (2013-12-31 23:04 +), Warren Bailey wrote: > that RSA had a check cut for their participation (sell outs..), would it > be out of the realm of possibility cisco knowingly placed this into their > product line? And would it be their mistake to come out with a “we had no > idea!” rather than

Re: NSA able to compromise Cisco, Juniper, Huawei switches

China. ;) lol Sent from my Mobile Device. Original message From: Paul Ferguson Date: 12/31/2013 4:13 PM (GMT-08:00) To: nanog@nanog.org Subject: Re: NSA able to compromise Cisco, Juniper, Huawei switches -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/31/2013 4:02 PM

Re: NSA able to compromise Cisco, Juniper, Huawei switches

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/31/2013 4:02 PM, Florian Weimer wrote: > * Warren Bailey: > >> Explaining, not a denial written by their legal department. I find it >> insanely difficult to believe cisco systems has a backdoor into some of >> their product lines with no knowl

Re: NSA able to compromise Cisco, Juniper, Huawei switches

* Warren Bailey: > Explaining, not a denial written by their legal department. I find it > insanely difficult to believe cisco systems has a backdoor into some of > their product lines with no knowledge or participation. As far as I understand it, these are firmware tweaks or implants sitting on

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Explaining, not a denial written by their legal department. I find it insanely difficult to believe cisco systems has a backdoor into some of their product lines with no knowledge or participation. Given the fact that RSA had a check cut for their participation (sell outs..), would it be out of the

Re: NSA able to compromise Cisco, Juniper, Huawei switches

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/31/2013 12:33 PM, sth...@nethelp.no wrote: >> The best response I've seen to all this hype and I completely agree with >> Scott: >> >> "Do ya think that you wouldn't also notice a drastic increase in >> outbound traffic to begin with? It's fun

Re: NSA able to compromise Cisco, Juniper, Huawei switches

> The best response I've seen to all this hype and I completely agree with > Scott: > > "Do ya think that you wouldn't also notice a drastic increase in outbound > traffic to begin with? It's fun to watch all the hype and things like > that, but to truly sit down and think about what it would act

Re: NSA able to compromise Cisco, Juniper, Huawei switches

>> it's weasel words (excuse the idiom). shoveling kitty litter over a >> big steaming pile. > Clayton is responding to the ability that he's allowed, and he's using > words very precisely. qed pgp7iFOpQgLqE.pgp Description: PGP signature

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Jan 1, 2014, at 2:34 AM, Jonathan Greenwood II wrote: > The best response I've seen to all this hype and I completely agree with > Scott: > > "Do ya think that you wouldn't also notice a drastic increase in outbound > traffic to begin with? It's fun to watch all the hype and things like >

Re: NSA able to compromise Cisco, Juniper, Huawei switches

* Randy Bush: >> There's a limit to what can reasonably be called a *product* >> vulnerability. > > right. if the product was wearing a low-cut blouse and a short skirt, > it's not. Uh-oh, is this an attempt at an argument based on a "blame the victim" rape analogy?

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Jan 1, 2014, at 2:16 AM, Warren Bailey wrote: > Randy is right here.. Cisco has some Œsplainin to do - we buy these devices > as ³security appliances², not NSA rootkit gateways

Re: NSA able to compromise Cisco, Juniper, Huawei switches

lenty > of ASA¹s in the .gov infrastructures. > > //warren > > PS - I mentioned .cn specifically because of the Huawei aspect, in > addition to the fact that it has been widely publicized we are in a ³cyber > war² with them. > > On 12/31/13, 12:07 PM, "Randy Bush&qu

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Jan 1, 2014, at 2:07 AM, Randy Bush wrote: > it's weasel words (excuse the idiom). shoveling kitty litter over a big > steaming pile. Clayton is responding to the ability that he's allowed, and he's using words very precisely. Here's Cisco's official responses, so far.

Re: NSA able to compromise Cisco, Juniper, Huawei switches

infrastructures. //warren PS - I mentioned .cn specifically because of the Huawei aspect, in addition to the fact that it has been widely publicized we are in a ³cyber war² with them. On 12/31/13, 12:07 PM, "Randy Bush" wrote: >> There's a limit to what can reasonably

Re: NSA able to compromise Cisco, Juniper, Huawei switches

> There's a limit to what can reasonably be called a *product* > vulnerability. right. if the product was wearing a low-cut blouse and a short skirt, it's not. it's weasel words (excuse the idiom). shoveling kitty litter over a big steaming pile. let me insert a second advert for jake's 30c3 p

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Mon, 30 Dec 2013 19:38:12 -0800, Sabri Berisha said: > However, attempting any of the limited attacks that I can think of would > require expert-level knowledge of not just the overall architecture, but also > of the microcode that runs on the specific PFE that the attacker would target, Alread

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 7:05 AM, Ray Soucy wrote: > I think there needs to be some clarification on how these tools get used, > how often they're used, and if they're ever cleaned up when no longer part > of an active operation. Of course we'll never get that. But that's exactly what we need. Look

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On (2013-12-31 18:49 +0100), Enno Rey wrote: > some approaches were discussed in 2010, by Graeme Neilson from NZ here: > > https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS10_Netscreen_of_the_Dead_Graeme_Neilson.pdf > > a later year, at the same conference, he gave a private session de

Re: NSA able to compromise Cisco, Juniper, Huawei switches

* Randy Bush: >> Clay Kossmeyer here from the Cisco PSIRT. > > shoveling kitty litter as fast as you can, eh? > >> http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20131229-der-spiegel > > "The article does not discuss or disclose any Cisco product vulnerabilities." >

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 12:49 PM, Enno Rey wrote: > Hi, > > some approaches were discussed in 2010, by Graeme Neilson from NZ here: > > https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS10_Netscreen_of_the_Dead_Graeme_Neilson.pdf > > a later year, at the same conference, he gave a privat

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Hi, some approaches were discussed in 2010, by Graeme Neilson from NZ here: https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS10_Netscreen_of_the_Dead_Graeme_Neilson.pdf a later year, at the same conference, he gave a private session demonstrating basically the same stuff for JunOS, as

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On (2013-12-31 16:22 +0100), na...@mitteilung.com wrote: > Since some weeks all my cisco / juniper equipment was replaced with open > source solutions (sometimes with embedded devices) and that works fine. > Google as search engine and Facebook accounts are deleted and some more > things. Cloud so

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 11:50 AM, Saku Ytti wrote: > I asked earlier today JTAC (#2013-1231-0033) and JTAC asked SIRT for tool to > read BIOS and output SHA2 or SHA3 hash, and such tool does not exist yet. I'm > dubious, it might be possible even with existing tools. At least it's possible > to ref

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On (2013-12-31 09:03 -0600), Leo Bicknell wrote: > If I were Cisco/Juniper/et all I would have a team working on this right now. > It should be trivial for them to insert code into the routers that say, > hashes all sorts of things (code image, BIOS, any PROMS and EERPOMS and > such on the lineca

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Since some weeks all my cisco / juniper equipment was replaced with open source solutions (sometimes with embedded devices) and that works fine. Google as search engine and Facebook accounts are deleted and some more things. Cloud solutions outside europe now are forbidden for me. Thank you NSA & C

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 8:32 AM, Saku Ytti wrote: > I'm going to wait calmly for some of the examples being recovered from the > field, documented and analysed. If I were Cisco/Juniper/et all I would have a team working on this right now. It should be trivial for them to insert code into the router

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On (2013-12-31 14:45 +0100), sth...@nethelp.no wrote: > > This whole backdoor business is a very, very, dangerous game. > > It *is* a big deal. And if you want to get even more scared, listen to > Jacob Appelbaum's talk at the CCC here: I'm going to wait calmly for some of the examples being rec

Re: NSA able to compromise Cisco, Juniper, Huawei switches

> I think there needs to be some clarification on how these tools get used, > how often they're used, and if they're ever cleaned up when no longer part > of an active operation. Of course we'll never get that. Highly unlikely, I'd say. > The amount of apologists with the attitude "this isn't a

RE : Re: NSA able to compromise Cisco, Juniper, Huawei switches

g@nanog.org list" Objet : Re: NSA able to compromise Cisco, Juniper, Huawei switches I think there needs to be some clarification on how these tools get used, how often they're used, and if they're ever cleaned up when no longer part of an active operation.  Of course we'll neve

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Tue, Dec 31, 2013 at 8:05 AM, Ray Soucy wrote: > This whole backdoor business is a very, very, dangerous game. While I agree with this (and the issues brought up with NSA's NIST approved PRNG that RSA used). If I were in their shoes, I would have been collecting every bit of data I could (ie,

Re: NSA able to compromise Cisco, Juniper, Huawei switches

I think there needs to be some clarification on how these tools get used, how often they're used, and if they're ever cleaned up when no longer part of an active operation. Of course we'll never get that. The amount of apologists with the attitude "this isn't a big deal, nothing to see here, the

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Tue, Dec 31, 2013 at 5:38 AM, Sabri Berisha wrote: > Hi Roland. > > > I don't know much about Juniper > > gear, but it appears that the Juniper boxes listed are similar in nature, > > albeit running FreeBSD underneath (correction welcome). > > With most Juniper gear, it is actually quite diffic

Re: NSA able to compromise Cisco, Juniper, Huawei switches

To supplement and amend what I said: These are the KINDS of things we want the NSA to do; however, the institutional oversight necessary to make sure it's Constitutional, warranted, and kept "in bounds" is woefully lacking (if any exists at all). Even FISA is unsatisfactory. At any rate, I agree

RE: NSA able to compromise Cisco, Juniper, Huawei switches

>We're all getting far too conditioned for the "click OK to proceed" >overload, and the sources aren't helping. If one embarks with deliberation upon a course of action which may entertain certain results then the intent to cause the result so obtained is, by implication, proved.

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Mon, Dec 30, 2013 at 10:41 PM, Blair Trosper wrote: > I'm torn on this. On one hand, it seems sinister. On the other, it's not > only what the NSA is tasked with doing, but it's what you'd EXPECT them to > be doing in the role as the NSA. > [snip] The NSA's role is not supposed to include su

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On 12/30/2013 11:06 PM, [AP] NANOG wrote: > As I was going through reading all these replies, the one thing that > continued to poke at me was the requirement of the signed binaries and > microcode. The same goes for many of the Cisco binaries, without direct > assistance, which is unclear at this

Re: NSA able to compromise Cisco, Juniper, Huawei switches

I'm torn on this. On one hand, it seems sinister. On the other, it's not only what the NSA is tasked with doing, but it's what you'd EXPECT them to be doing in the role as the NSA. I'm not saying it's right or wrong...it creeps me out a little, though...but these are the kinds of things we have

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Roland, I did fail to mention the HUMINT (Human Intelligence) side of things, thank you for bringing that up! -- Thank you, Robert Miller http://www.armoredpackets.com Twitter: @arch3angel On 12/30/13, 11:33 PM, Dobbins, Roland wrote: > On Dec 31, 2013, at 11:06 AM, [AP] NANOG wrote: > >>

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 11:06 AM, [AP] NANOG wrote: > Then looking at things from the evil side though, if they owned the system > which provides the signing then they could sign > virtually anything they wish. Or if they owned *people* with the right level of access to do so, or if there were im

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 10:38 AM, Sabri Berisha wrote: > Assuming M/MX/T series, you are correct that the foundation of the > control-plane is a FreeBSD-based kernel. And the management plane, too? > However, that control-plane talks to a forwarding-plane (PFE). The PFE runs > Juniper designed A

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 10:59 AM, Randy Bush wrote: > assumptions that the TAO folk have been taking a long much-deserved > sabbatical are probably naive Indeed; that is my point. These documents allege that the capabilities in question were present five years ago, which is an eternity in tech-t

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Sabri, As I was going through reading all these replies, the one thing that continued to poke at me was the requirement of the signed binaries and microcode. The same goes for many of the Cisco binaries, without direct assistance, which is unclear at this point through the cloud of smoke so to sp

Re: NSA able to compromise Cisco, Juniper, Huawei switches

> It's also important to keep in mind that all these purported documents > refer to technologies which were supposedly available 5 years ago, > based on the dates in the slides. assumptions that the TAO folk have been taking a long much-deserved sabbatical are probably naive the shocking revelati

Re: NSA able to compromise Cisco, Juniper, Huawei switches

>Is Ken Thompson turning over in his grave yet? I certainly hope not...

Re: NSA able to compromise Cisco, Juniper, Huawei switches

- Original Message - > From: "Ray Soucy" > I hope when [if] the truth is learned it is a lot less prevalent than > it sounds, but I'm not optimistic. > > This is why we need all infrastructure to be implemented using open > standards, open hardware designs, and open source software IMHO.

Re: NSA able to compromise Cisco, Juniper, Huawei switches

Hi Roland. > I don't know much about Juniper > gear, but it appears that the Juniper boxes listed are similar in nature, > albeit running FreeBSD underneath (correction welcome). With most Juniper gear, it is actually quite difficult to achieve wire-tapping on a large scale using something as si

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 10:16 AM, Blake Dunlap wrote: > The cynic in me says that cisco switch/router gear isn't part of that report > on clandestine backdoors, because they don't need said clandestine backdoors > to access them... T-series is in there, too. It's also important to keep in mind t

Re: NSA able to compromise Cisco, Juniper, Huawei switches

The cynic in me says that cisco switch/router gear isn't part of that report on clandestine backdoors, because they don't need said clandestine backdoors to access them... -Blake On Mon, Dec 30, 2013 at 8:54 PM, Dobbins, Roland wrote: > > On Dec 31, 2013, at 9:41 AM, Randy Bush wrote: > > > y

Re: NSA able to compromise Cisco, Juniper, Huawei switches

On Dec 31, 2013, at 9:41 AM, Randy Bush wrote: > you may want to read the more complete, well let's say extensive Thanks, Randy - now I see the JunOS stuff in there for J-series and M-series. --- Roland Dobbins //

  1   2   3   >