Juniper's backdoor

Started by Dieselboy, December 22, 2015, 10:51:40 PM

Previous topic - Next topic

Dieselboy

http://www.theregister.co.uk/2015/12/21/security_code_to_backdoor_juniper_firewalls_revealed_in_firmware/

I'm not sure on the scope / risk of this. May be it's only a risk if you allow SSH / Telnet from unsecure networks?

dlots

The backdoor also lets you decrypt the data i believe.

deanwebb

Dlots is correct.

It also means that, after applying the patches, some people may not be able to VPN in... I am awkwardly hanging as my VPN keeps going to a "waiting to connect" state. I may even have to call the helpdesk.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.