On Mon, Dec 30, 2013 at 04:03:07PM +0000, Dobbins, Roland wrote: > > On Dec 30, 2013, at 10:44 PM, <[email protected]> > <[email protected]> wrote: > > > What percentage of Cisco gear that supports a CALEA lawful intercept mode > > is installed in situations where CALEA doesn't apply, and thus there's a > > high likelyhood that said support is misconfigured and abusable without > > being noticed? > > AFAIK, it must be explicitly enabled in order to be functional. It isn't the > sort of thing which is enabled by default, nor can it be enabled without > making explicit configuration changes.
at least back in 2007 it could be enabled/configured by SNMP RW access [see slide 43 of the presentation referenced in this post http://www.insinuator.net/2013/07/snmp-reflected-amplification-ddos-attacks/] so knowing the term "private" m ight be enough to perform the task remotely. have a good one Enno > > ----------------------------------------------------------------------- > Roland Dobbins <[email protected]> // <http://www.arbornetworks.com> > > Luck is the residue of opportunity and design. > > -- John Milton > -- Enno Rey ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 Handelsregister Mannheim: HRB 337135 Geschaeftsfuehrer: Enno Rey ======================================================= Blog: www.insinuator.net || Conference: www.troopers.de =======================================================
