hello friends
Backdoors Keep Appearing In Cisco's Routers
Cisco Architecture for Lawful Intercept
Way back in 2004, Cisco wrote an IETF proposal for a “lawful intercept” backdoor for routers, which law enforcement could use to remotely log in to routers. Years later, in 2010, an IBM security researcher showed how this protocol could be abused by malicious attackers to take over Cisco IOS routers, which are typically sold to ISPs and other large enterprises.
Attackers could exploit these backdoors and not leave any audit trail. That’s how the lawful intercept protocol was designed so that ISP employees can’t tell when a law enforcement agent logs to the ISP’s routers (even though law enforcement is supposed to gain this access with a court order or other legal access request).
Furthermore, this protocol could be abused by ISP employees because no one else working for the ISP could then tell when someone gained access to the routers via Cisco’s Architecture for Lawful Intercept.
thanks
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://www.tomshardware.co.uk/cisco-backdoor-hardcoded-accounts-software,news-58853.html
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit