Home page logo

nanog logo nanog mailing list archives

Re: huawei
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Thu, 13 Jun 2013 12:35:48 -0400

On Jun 13, 2013, at 12:28 , "Avi Freedman" <avi () freedman net> wrote:

I disagree.

There have already been lab demos of sfps that could inject frames and APTs are pretty advanced, sinister, and can be 
hard to detect now.

I'm not suggesting Huawei is or isn't enabling badness globally but I think it would be technically feasible.

I am assuming a not-Hauwei-only network.

The idea that a router could send things through other routers without someone who is looking for it noticing is 

Of course, most people aren't paying attention, a few extra frames wouldn't be noticed most likely. But if you are 
worried about it, you should be looking.

Also, I find it difficult to believe Hauwei has the ability to do DPI or something inside their box and still route at 
reasonable speeds is a bit silly. Perhaps they only duplicate packets based on source/dest IP address or something that 
is magically messaged from the mother ship, but I am dubious.

It should be trivial to prove to yourself the box is, or is not, doing something evil if you actually try.


------Original Message------
From: Patrick W. Gilmore
To: NANOG list
Subject: Re: huawei
Sent: Jun 13, 2013 12:22 PM

On Jun 13, 2013, at 12:18 , Nick Khamis <symack () gmail com> wrote:

A local clec here in Canada just teamed up with this company to
provide cell service to the north:




Do you think Huawei has a magic ability to transmit data without you noticing?

If you don't want to use Hauwei because they stole code or did other nasty things, I'm right there with you. If you 
believe a router can somehow magically duplicate info and transport it back to China (ignoring CT/CU's inability to 
have congestion free links), I think you are confused.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]