Hi malware fighters,
Unauthorized hackers can now have access to backdoors left in ISP auditing software,
Cisco was rather upfront about this, but for other software we don't even know where it is.
This to prevent suspects to be warned by their ISP they are being monitored via backdoors:
http://www.darkreading.com/insiderthreat/security/perimeter/showArticle.jhtml?articleID=222600993Always thought the Internet was wormholed, now with these 6 issues it is proven,
Exploiting Lawful Intercept to Wiretap the Internet
Many goverments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customer's communications. If these interfaces are poorly designed, implemented, or managed they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of it's lawful intercept technology in an Internet Draft and a number of public configuration guides.
This talk will review Cisco's architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface as well as SNMP authentication in general to better mitigate the security risks.
Warnings were there from 2008:
http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.htmlpolonus