19007 Views · 15 Helpful · 18 Replies

Backdoor in Cisco Routers and Firewalls.

CiscoRV110W
Level 1

The more I read about this NSA scandal (and yes, I do consider it a scandal) the less I trust US-based hardware and software companies.  There is no reason for anyone to doubt that all Cisco hardware comes with a backdoor.  Since such backdoors most likely exist it is a matter of time before hackers discover and exploit them.  This has already happened to Microsoft a number of times and there is no reason it could not happen to Cisco.  We no longer trust any of our Cisco hardware and have already started researching network alternatives.

This is no longer a crackpot conspiracy theory, it is reality.

In all likelihood we may use a series of firewalls to further insulate our network from intrusion. To keep costs down we may keep our existing Cisco hardware in this topology, but we will not replace it with Cisco hardware when it fails or needs to be upgraded. I am doing the same with my home network.

Over the past few months we have already moved all of our email to secure overseas servers and changed all of our antivirus software from McAfee to AVG and Avast.  We are also researching Linux distros to replace Microsoft.

If Cisco wants to protect their brand they need to either take a stand or see their market share continue to erode.  Surely there is ONE CEO at an American company that will take this stand and be a hero rather than continue to be a lap dog.

18 Replies

Jon Marshall
Hall of Fame

Jon

Your main argument seems to be -

I have no idea, nor control, over whether any hardware has inbuilt backdoors in it, but as far as software is concerned, with open source I can at least see the source code and decide for myself if there are backdoors in it. So I will control what I can and move to open source software.

If that is a correct summary there is not a lot to disagree with. But practically, for most companies it is not possible nor desirable (at the moment) to pore through thousands upon thousands of lines of source code to check it; but, as you say, your team has a dedicated engineer who can do this, so for you it may well be a reasonable thing to do.

Where I do disagree is your fixation primarily on Cisco. This may be because this is a Cisco forum, but there are a couple of important points to note in that respect -

1) most of the people who answer questions on these forums don't work for Cisco so we have no particular reason/need to defend Cisco

2) most of the forums on here, including this one, deal with the Enterprise range of Cisco products so extrapolating from a problem found with an SMB device to the Enterprise devices is not particularly valid. So my comments below are dealing with the Enterprise products only.

From your original post -

This has already happened to Microsoft a number of times and there is no reason it could not happen to Cisco

If there is no reason it could not happen to Cisco, what about Juniper/HP/IBM etc.? And by saying that you are implicitly saying it hasn't happened yet, so you don't even know it will.

By all means replace your Cisco kit, although I have no idea how you can justify that, as you cannot prove you need to and you cannot prove that the new hardware you buy, by your own admission, does not have backdoors in it. So you may, ironically, be getting rid of secure kit and buying kit that does have backdoors in it. How would you know?

In terms of software, I can't argue against what you are doing, other than to say that so far, again talking about Enterprise products, there is no proof, as far as I know, of any intentional backdoors.

I can say for sure that in all my previous jobs, if I proposed removing all the Cisco kit and replacing it with open source kit for no other reason than I suspected the Cisco kit might be flawed (and with absolutely no proof), I probably would have been marched straight out of the door.

I'm not arguing against you, I'm just trying to point out that a lot (not all) of the reasoning behind your post seems to be more to do with your disappointment with what has happened rather than any sound technical arguments.

Jon

Miroslav Berkov
Level 1

JETPLOW is not the only one; look at Cisco IOS Shellcode and Remote Execution as well.

wreed_cisco
Level 1

I have never used such simple words on a Cisco Technical forum... but the original poster is a genuine idiot.