[c-nsp] Worst case: Compromised Internet router?

Jared Mauch jared at puck.nether.net
Sat Apr 25 18:31:52 EDT 2009


What if they set up lawful intercept on the device? That could relay  
all your packets without visible configuration, or just the  
"interesting" ones.

As with any device, ensuring the integrity of both its configuration
and running image is important. I suggest rancid or
something else to help audit these items.

Jared Mauch

On Apr 25, 2009, at 6:01 PM, ChrisSerafin <chris at chrisserafin.com>  
wrote:

> So I'm trying to lock down an Internet router and I had a few
> thoughts pop in my head...of what is the worst thing that could
> happen, other than someone bricking the device and locking legit
> users out of the router? Here are some questions I thought
> of.....let me know what you think....
>
>   * If the device doesn't have any private IPs on it....I can't
>     create a remote VPN client connection to it and then log in to the
>     network. How could I capture/sniff traffic to a .pcap in this
>     scenario? I would like to do this besides redirecting traffic over
>     GRE tunnels to a different router I have, just to sniff.....this
>     scenario sounds good, but I assume would interrupt traffic to the
>     point I would notice it and take action in a 24/7 NOC
>
> Thanks.....
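
The configuration and image audit suggested in the reply above, as an added Python example that is not part of the original thread and is not RANCID's code: it diffs a saved baseline against a current snapshot, ignores lines that change on every save, and flags additions that could redirect traffic, such as the GRE tunnel case in the quoted question. The sample configs, the `SUSPICIOUS` watch-list and the use of SHA-256 for the image are assumptions; an intercept that leaves no visible configuration will not show up in a diff like this.

```python
import difflib
import hashlib
import re

# Lines that change on every save or poll; ignoring them keeps the diff meaningful.
VOLATILE = re.compile(r"^(! Last configuration change|! NVRAM config last updated|ntp clock-period)")
# Assumed watch-list: additions that can redirect or copy traffic off the box.
SUSPICIOUS = re.compile(r"^\s*(interface Tunnel\d+|tunnel (source|destination|mode)\b"
                        r"|ip policy route-map\b|monitor session\b)", re.I)

def normalize(config):
    return [l.rstrip() for l in config.splitlines() if l.strip() and not VOLATILE.match(l)]

def audit(baseline, current):
    """Return (added, removed, flagged) lines between two config snapshots."""
    diff = list(difflib.ndiff(normalize(baseline), normalize(current)))
    added = [d[2:] for d in diff if d.startswith("+ ")]
    removed = [d[2:] for d in diff if d.startswith("- ")]
    return added, removed, [l for l in added if SUSPICIOUS.match(l)]

def image_matches(image_bytes, known_good_sha256):
    """Compare an image copied off the device with a hash recorded at deployment."""
    return hashlib.sha256(image_bytes).hexdigest() == known_good_sha256

# Constructed sample snapshots (documentation address ranges), not from the thread.
BASELINE = """\
! Last configuration change at 10:02:11 UTC Mon Apr 20 2009
hostname edge1
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.252
ntp clock-period 17179861
"""
CURRENT = """\
! Last configuration change at 03:14:07 UTC Sat Apr 25 2009
hostname edge1
interface Tunnel0
 tunnel source GigabitEthernet0/0
 tunnel destination 203.0.113.9
interface GigabitEthernet0/0
 description transit uplink
 ip address 192.0.2.1 255.255.255.252
 ip policy route-map MIRROR
ntp clock-period 17179912
"""
SAMPLE_IMAGE = b"constructed image bytes"
KNOWN_GOOD = hashlib.sha256(SAMPLE_IMAGE).hexdigest()
if __name__ == "__main__":
    print("review:", audit(BASELINE, CURRENT)[2])
    print("image ok:", image_matches(SAMPLE_IMAGE, KNOWN_GOOD))
```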

