[Owasp-delhi] IBM ISS Researcher Exposes Holes In Cisco's Internet Surveillance Architecture

Anuvrat Gambhir anuvratgambhir at gmail.com
Thu Feb 4 23:36:06 EST 2010

IBM ISS Researcher Exposes Holes In Cisco's Internet Surveillance

Wiretapping architecture could be abused by individuals under surveillance
and outside attackers; Cisco reviews recommended fixes
Feb 03, 2010 | 01:03 PM

WASHINGTON, D.C. -- Black Hat DC 2010 -- An IBM ISS researcher here today
revealed major security holes in a little-known wiretapping architecture for
IP networks created by Cisco Systems for law enforcement. The weaknesses
could result in an attacker interfering with legal surveillance or
performing some unauthorized surveillance of his own.

Tom Cross, manager of X-Force Research at IBM ISS, says he first discovered
the Cisco Architecture for Lawful Intercept in IP Networks, which was
published as an IETF RFC in 2004, four years ago.

Cross says Cisco's configuration guide for the architecture recommends that
network administrators enable SNMP trap notifications to detect potential
threats on SNMPv3 authentication, and it "implies" that traps will be sent
for packets that carry an incorrect authentication key or any other packet
that isn't part of the approved access list.

For Detailed News, click on the following link:

Anuvrat Gambhir
Gtalk: anuvratgambhir
Skype: anuvratgambhir
yahoo: anuvratgambhir