North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: [NANOG] IOS rootkits
Florian Weimer wrote: > > | Network administrators are not able to observe Lawful Intercept is > | enabled. No Lawful Intercept program messages or error messages are ever > | displayed on the console. > > <http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/lawf_int.html> > > This is a Sony-style rootkit, but it certainly demonstrate that the > concept is feasible (surprise). > Eh, it's a little misleading. Every Net admin knows when Lawful Intercept is activated on their router. The processor utilization takes a major spike. What it's doing might not be known, though umm, even intercept traffic itself can be intercepted or redirected through portions of the network where it can be intercepted. ;) Jack _______________________________________________ NANOG mailing list [email protected] http://mailman.nanog.org/mailman/listinfo/nanog
|