juniper vpn

On Tue, Dec 22, 2015 at 2:06 PM, Niels Peen <niels at peen.net> wrote:
> On 22 December 2015 at 10:23:12, Nikos Mavrogiannopoulos
> (n.mavrogiannopoulos at gmail.com) wrote:
> > It has been discovered that the Juniper VPN devices [0] were
> > backdoored, and that the backdoor was even "maliciously" modified by
> > unknown parties. Is that the same VPN that openconnect supports? In
> > that case should openconnect print a huge warning before connecting to
> > these devices?
> >
> > [0]. http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html
>
> You would have to make sure such a warning shows up for affected devices
> only. Older openconnect versions tend to remain in use for years as part of
> various Linux distributions and you don't want people to be unnecessarily
> alarmed or bug their network admins about this after the issue has been long
> resolved.

The scary part of this story is that the code was already backdoored.
The attack only replaced the keys of the backdoor with keys that were
not controlled by Juniper. The "fix" of the backdoor was to replace
the attack keys with the original Juniper keys. With that in mind, I
don't think there is any version where such a warning would not be
appropriate.

regards,
Nikos


