What kind of routers does the NSA use?

What kind of routers does the NSA use ?

  • D-link baby !!

  • Cisco ?

  • PFsense

  • Roll-your-own BSD/Linux

  • Other ? (state what)


Results are only viewable after voting.

Cmustang87

Supreme [H]ardness
Joined
Oct 4, 2007
Messages
4,497
This is one of the most ridiculous questions I have ever seen on this forum and I have been around here a while.
 

BrainEater

Gawd
Joined
Jul 21, 2004
Messages
1,023
It IS ridiculous.I was laughing the whole time I typed it.
The question still stands.

hehe
 

stormy1

[H]ard|Gawd
Joined
Apr 3, 2008
Messages
1,053
commercial hardware with a custom software stack *bang* your dead.
 

wirerogue

Limp Gawd
Joined
Mar 2, 2012
Messages
398
 

viscountalpha

2[H]4U
Joined
Oct 16, 2011
Messages
2,549
What kind of question gets me in the most amount of trouble in the shortest amount of time?
 
  • Like
Reactions: rma
like this

tangoseal

[H]F Junkie
Joined
Dec 18, 2010
Messages
9,070
They are going to use Cisco predominately due to contracting, not to mention in every Cisco device I have ever managed, hundreds of them at once, they all have NSA code disclaimers and non-export crypto agreements etc... NSA is stamped all over the damn things.

But for the sake of these forums they use original factory firmware Linksys WRT54Gs for every server.
 

Phantum

[H]ard|Gawd
Joined
Jul 25, 2001
Messages
1,716
I'd put my money on either customized Cisco boxes or something special from Narus.
 

Phantum

[H]ard|Gawd
Joined
Jul 25, 2001
Messages
1,716
openbsd-all-around :)

I suppose that makes sense seeing as how it has a heavy security focus however openbsds network stack intentionally doesn't allow for stuff like traffic inspection (though they could just as easily use a separate dedicated box for that).
 

BrainEater

Gawd
Joined
Jul 21, 2004
Messages
1,023
Aw...Fail.
----
They use all of them 24/7 !! hahah !!
... and they use mine a lot apparently too !
(I left those options out of the poll on purpose !!)
-----
I think tangoseal is probably correct on a percentage basis......Cisco is the standard.

:D

What kind of question gets me in the most amount of trouble in the shortest amount of time?

There is no such thing as a stupid question, and no question is out of bounds.
 

J-Will

[H]ard|Gawd
Joined
Jan 10, 2009
Messages
1,727
I have no idea, but I would hope they use something commercial that can integrate into a PAM tool to fully manage admin passwords.
 

BrainEater

Gawd
Joined
Jul 21, 2004
Messages
1,023
After reading about 'cherry blossom' today , I almost think the question would be better served as;

What routers are NEVER used by three letter agencies.
I'm pretty sure the poll would be the same tho.

:D
 

Infamia

n00b
Joined
Jun 16, 2017
Messages
1
Cisco routers are usually used by most corporations, I wouldn't exactly higher their general intelligence than higher to that of an organization like NASA or whatnot- they probably run some custom firmware with basic configuration & possibly default credentials.

I'd bet on Cisco all the way.
 

wolfofone

Gawd
Joined
Aug 15, 2010
Messages
725
Shit from the future, man! lol jk.

My first guess would be Cisco but I would not be surprised if the NSA is using Cisco hardware with their own custom firmware and software stack.
 

VRT

Limp Gawd
Joined
Jul 15, 2016
Messages
460
From what I understand and what anyone can gather by their public job postings etc. the winner is Cisco. They do have a minimal amount of Juniper etc. Also from what I understand their intercept devices are roll your own.
 
  • Like
Reactions: rma
like this

NoOther

Supreme [H]ardness
Joined
May 14, 2008
Messages
6,468
I can't believe you left Juniper off the list. Likely they are using Juniper routers and Cisco core switches. Of course then there is a shit ton of other networking equipment in there including Palo Alto firewalls, F5 load balancers, Cisco IronPorts, Fireeye, etc.
 
Joined
Jun 1, 2017
Messages
7
What kind of question gets me in the most amount of trouble in the shortest amount of time?

In light of all cybersecurity issues between nation states, and being a network security professional, I think the question is perfectly acceptable. I want to know that our govt uses secure devices and in fact would like to see an audit report made public attesting to that fact. They don't have to print the vulnerabilities - but a report on the reliability and security levels would be nice - along with plans to upgrade/strengthen them.
 

SJConsultant

2[H]4U
Joined
Jan 14, 2004
Messages
3,600
In light of all cybersecurity issues between nation states, and being a network security professional, I think the question is perfectly acceptable. I want to know that our govt uses secure devices and in fact would like to see an audit report made public attesting to that fact. They don't have to print the vulnerabilities - but a report on the reliability and security levels would be nice - along with plans to upgrade/strengthen them.

Like what Juniper puts online?
 

NoOther

Supreme [H]ardness
Joined
May 14, 2008
Messages
6,468
In light of all cybersecurity issues between nation states, and being a network security professional, I think the question is perfectly acceptable. I want to know that our govt uses secure devices and in fact would like to see an audit report made public attesting to that fact. They don't have to print the vulnerabilities - but a report on the reliability and security levels would be nice - along with plans to upgrade/strengthen them.

Like STIGs (Security Technical Implementation Guides)?
 

VRT

Limp Gawd
Joined
Jul 15, 2016
Messages
460
Then that acquaintance should have already provided the answer for you.

Not always, a lot of times the vendor doesn't know that their device is being used and for these agencies they buy a large number of them for penetration testing and evaluation.
 

NoOther

Supreme [H]ardness
Joined
May 14, 2008
Messages
6,468
Not always, a lot of times the vendor doesn't know that their device is being used and for these agencies they buy a large number of them for penetration testing and evaluation.

Umm, no, the vendor absolutely knows. In fact, these agencies hire Juniper employees directly for support, which is generally how Juniper likes to do business. The vendors are very much involved in the process of designing the solution, securing the devices, and supporting them. In fact, that is written in government contracts on purpose.
 

VRT

Limp Gawd
Joined
Jul 15, 2016
Messages
460
Umm, no, the vendor absolutely knows. In fact, these agencies hire Juniper employees directly for support, which is generally how Juniper likes to do business. The vendors are very much involved in the process of designing the solution, securing the devices, and supporting them. In fact, that is written in government contracts on purpose.

I am telling you for a fact they do not know what the devices that they purchase are being used for. Some specialized people may, but they are not allowed to send it upstream due to security clearance and need to know basis.

If the Cisco/NSA relationship was so close then WHY would the NSA do shipping intercepts on devices outbound to customers rather than just intercept it internal while at Cisco?
 

NoOther

Supreme [H]ardness
Joined
May 14, 2008
Messages
6,468
I am telling you for a fact they do not know what the devices that they purchase are being used for. Some specialized people may, but they are not allowed to send it upstream due to security clearance and need to know basis.

If the Cisco/NSA relationship was so close then WHY would the NSA do shipping intercepts on devices outbound to customers rather than just intercept it internal while at Cisco?

I am telling you for a fact that they do. There is no secret in what the government uses for routers, the only secrets is in the overall architecture of their network stacks. There are some devices in the stack that they might keep secret, but the routers and switches are not one of them. I don't know what "shipping intercepts" you are talking about, but most shipments go to a centralized location and then are transported from there to the actual site for internal tracking purposes. That way they can check the equipment into a central database and they know what sites have what equipment, and then they know when it is out of date, needs to be upgraded, and make it easier to swap things in and out from a central source. This isn't much different from how large corporations operate.
 

VRT

Limp Gawd
Joined
Jul 15, 2016
Messages
460
I am telling you for a fact that they do. There is no secret in what the government uses for routers, the only secrets is in the overall architecture of their network stacks. There are some devices in the stack that they might keep secret, but the routers and switches are not one of them. I don't know what "shipping intercepts" you are talking about, but most shipments go to a centralized location and then are transported from there to the actual site for internal tracking purposes. That way they can check the equipment into a central database and they know what sites have what equipment, and then they know when it is out of date, needs to be upgraded, and make it easier to swap things in and out from a central source. This isn't much different from how large corporations operate.

You are right for their COTS(Commercial Off The Shelf) stuff that isn't involved with the higher levels of security this is correct. But once you move past the office drones things change. You can bet your left nut that the NSA is using a lot of custom stuff, hell some of the bases around here do.

Shipping intercepts is where the NSA will find out that a target is ordering a switch/router or other piece of equipment the NSA will redirect that shipment covertly to one of their labs and install some "interesting" firmware/hardware and then make it reenter the shipping center covertly. You can bet your right nut that the vendor gives the NSA no support in either doing this or developing the vectors of how this is done or how the firmware/hardware is developed.

Cheers.
 

NoOther

Supreme [H]ardness
Joined
May 14, 2008
Messages
6,468
You are right for their COTS(Commercial Off The Shelf) stuff that isn't involved with the higher levels of security this is correct. But once you move past the office drones things change. You can bet your left nut that the NSA is using a lot of custom stuff, hell some of the bases around here do.

Shipping intercepts is where the NSA will find out that a target is ordering a switch/router or other piece of equipment the NSA will redirect that shipment covertly to one of their labs and install some "interesting" firmware/hardware and then make it reenter the shipping center covertly. You can bet your right nut that the vendor gives the NSA no support in either doing this or developing the vectors of how this is done or how the firmware/hardware is developed.

Cheers.

I wouldn't bet my right nut on any of the stuff your saying. I have given you advice. You choose to believe something else, so I don't know what to tell you. You specifically talked about "routers being used by the NSA", I gave you the answer in regard to that. If you want to start talking about other security measures beyond "routing" or what the NSA itself uses, then that is an entirely different matter, but one I already alluded to in my posts.

As far as the "intercepts", I don't know what to tell you about that either. Those routers are not routers specifically being used by the NSA. Those are routers being compromised by the NSA, that is something different. I really have no comments on that.
 
D

Deleted member 133315

Guest
Without using one being overtly illegal, I recommend this:
"Ma'am, Are you pregnant or are you just fat?"
Try this pretty much anywhere. Guaranteed instant results.


I did that to my dentist seconds before she was about to drill into my teeth.

As she called me from the waiting room and as we were walking to her room, I said, oh I see your pregnant again congrat.... NO came the answer mid sentence.

WTF moment number 56783526 just happened.

I now know why I am usually in pain for days after my dental visits, like the last time where she only numbed only one of the teeth she was working on, she did inform me that this might hurt a little, wtf daft bitch you dont drill into unnumbed teeth and you stop when i say argh not when you feel enough pain has been inflicted.

As for the OP's question.

The dont use routers, they are old school and just stick an ethernet cable into an open non secured modem.
 
Top