What kind of routers does the NSA use?

Discussion in 'Networking & Security' started by BrainEater, Jun 6, 2017.

What kind of routers does the NSA use ?

  1. D-link baby !!

  2. Cisco ?

  3. PFsense

  4. Roll-your-own BSD/Linux

  5. Other ? (state what)

Results are only viewable after voting.
  1. BrainEater

    BrainEater Gawd

    Messages:
    726
    Joined:
    Jul 21, 2004
    I'm betting they are roll-your-own, but I am curious all the same.

    :ROFLMAO:
     
  2. Cmustang87

    Cmustang87 2[H]4U

    Messages:
    4,039
    Joined:
    Oct 4, 2007
    This is one of the most ridiculous questions I have ever seen on this forum and I have been around here a while.
     
  3. BrainEater

    BrainEater Gawd

    Messages:
    726
    Joined:
    Jul 21, 2004
    It IS ridiculous.I was laughing the whole time I typed it.
    The question still stands.

    hehe
     
  4. stormy1

    stormy1 Gawd

    Messages:
    996
    Joined:
    Apr 3, 2008
    commercial hardware with a custom software stack *bang* your dead.
     
  5. wirerogue

    wirerogue Circle Jerkin'

    Messages:
    390
    Joined:
    Mar 2, 2012
  6. N4CR

    N4CR 2[H]4U

    Messages:
    2,073
    Joined:
    Oct 17, 2011
  7. modi123

    modi123 2[H]4U

    Messages:
    3,761
    Joined:
    Sep 6, 2006
    Linksys, duh.

    [​IMG]

    Occasionally they use yours.
     
  8. Olga-SAN

    Olga-SAN Limp Gawd

    Messages:
    301
    Joined:
    Mar 14, 2011
    openbsd-all-around :)

     
    mwarps likes this.
  9. viscountalpha

    viscountalpha [H]ard|Gawd

    Messages:
    1,993
    Joined:
    Oct 16, 2011
    What kind of question gets me in the most amount of trouble in the shortest amount of time?
     
    rma likes this.
  10. tangoseal

    tangoseal [H]ardness Supreme

    Messages:
    5,446
    Joined:
    Dec 18, 2010
    They are going to use Cisco predominately due to contracting, not to mention in every Cisco device I have ever managed, hundreds of them at once, they all have NSA code disclaimers and non-export crypto agreements etc... NSA is stamped all over the damn things.

    But for the sake of these forums they use original factory firmware Linksys WRT54Gs for every server.
     
    wolfofone likes this.
  11. vr.

    vr. 2[H]4U

    Messages:
    3,296
    Joined:
    Mar 30, 2010
    Without using one being overtly illegal, I recommend this:
    "Ma'am, Are you pregnant or are you just fat?"
    Try this pretty much anywhere. Guaranteed instant results.
     
    Ur_Mom, Brian_B and viscountalpha like this.
  12. Phantum

    Phantum [H]ard|Gawd

    Messages:
    1,714
    Joined:
    Jul 25, 2001
    I'd put my money on either customized Cisco boxes or something special from Narus.
     
  13. Phantum

    Phantum [H]ard|Gawd

    Messages:
    1,714
    Joined:
    Jul 25, 2001
    I suppose that makes sense seeing as how it has a heavy security focus however openbsds network stack intentionally doesn't allow for stuff like traffic inspection (though they could just as easily use a separate dedicated box for that).
     
  14. BrainEater

    BrainEater Gawd

    Messages:
    726
    Joined:
    Jul 21, 2004
    Aw...Fail.
    ----
    They use all of them 24/7 !! hahah !!
    ... and they use mine a lot apparently too !
    (I left those options out of the poll on purpose !!)
    -----
    I think tangoseal is probably correct on a percentage basis......Cisco is the standard.

    :D

    There is no such thing as a stupid question, and no question is out of bounds.
     
    viscountalpha likes this.
  15. scobar

    scobar .

    Messages:
    33,615
    Joined:
    Jan 2, 2001
    They use DD-WRT.
     
  16. J-Will

    J-Will [H]ard|Gawd

    Messages:
    1,744
    Joined:
    Jan 10, 2009
    I have no idea, but I would hope they use something commercial that can integrate into a PAM tool to fully manage admin passwords.
     
  17. BrainEater

    BrainEater Gawd

    Messages:
    726
    Joined:
    Jul 21, 2004
    After reading about 'cherry blossom' today , I almost think the question would be better served as;

    What routers are NEVER used by three letter agencies.
    I'm pretty sure the poll would be the same tho.

    :D
     
  18. Infamia

    Infamia n00bie

    Messages:
    1
    Joined:
    Jun 16, 2017
    Cisco routers are usually used by most corporations, I wouldn't exactly higher their general intelligence than higher to that of an organization like NASA or whatnot- they probably run some custom firmware with basic configuration & possibly default credentials.

    I'd bet on Cisco all the way.
     
  19. wolfofone

    wolfofone Gawd

    Messages:
    635
    Joined:
    Aug 15, 2010
    Shit from the future, man! lol jk.

    My first guess would be Cisco but I would not be surprised if the NSA is using Cisco hardware with their own custom firmware and software stack.
     
  20. VRT

    VRT Limp Gawd

    Messages:
    439
    Joined:
    Jul 15, 2016
    From what I understand and what anyone can gather by their public job postings etc. the winner is Cisco. They do have a minimal amount of Juniper etc. Also from what I understand their intercept devices are roll your own.
     
    rma likes this.
  21. NoOther

    NoOther [H]ardness Supreme

    Messages:
    4,927
    Joined:
    May 14, 2008
    I can't believe you left Juniper off the list. Likely they are using Juniper routers and Cisco core switches. Of course then there is a shit ton of other networking equipment in there including Palo Alto firewalls, F5 load balancers, Cisco IronPorts, Fireeye, etc.
     
  22. BrainEater

    BrainEater Gawd

    Messages:
    726
    Joined:
    Jul 21, 2004
    I have an acquaintance that works for Juniper.
    I left many choices off the list really.
    -
    :D
     
  23. NoOther

    NoOther [H]ardness Supreme

    Messages:
    4,927
    Joined:
    May 14, 2008
    Then that acquaintance should have already provided the answer for you.
     
  24. SpaceFlotsam

    SpaceFlotsam n00bie

    Messages:
    8
    Joined:
    Jun 1, 2017
    In light of all cybersecurity issues between nation states, and being a network security professional, I think the question is perfectly acceptable. I want to know that our govt uses secure devices and in fact would like to see an audit report made public attesting to that fact. They don't have to print the vulnerabilities - but a report on the reliability and security levels would be nice - along with plans to upgrade/strengthen them.
     
  25. SJConsultant

    SJConsultant 2[H]4U

    Messages:
    3,626
    Joined:
    Jan 14, 2004
    Like what Juniper puts online?
     
  26. NoOther

    NoOther [H]ardness Supreme

    Messages:
    4,927
    Joined:
    May 14, 2008
    Like STIGs (Security Technical Implementation Guides)?
     
  27. VRT

    VRT Limp Gawd

    Messages:
    439
    Joined:
    Jul 15, 2016
    Not always, a lot of times the vendor doesn't know that their device is being used and for these agencies they buy a large number of them for penetration testing and evaluation.
     
  28. NoOther

    NoOther [H]ardness Supreme

    Messages:
    4,927
    Joined:
    May 14, 2008
    Umm, no, the vendor absolutely knows. In fact, these agencies hire Juniper employees directly for support, which is generally how Juniper likes to do business. The vendors are very much involved in the process of designing the solution, securing the devices, and supporting them. In fact, that is written in government contracts on purpose.
     
  29. VRT

    VRT Limp Gawd

    Messages:
    439
    Joined:
    Jul 15, 2016
    I am telling you for a fact they do not know what the devices that they purchase are being used for. Some specialized people may, but they are not allowed to send it upstream due to security clearance and need to know basis.

    If the Cisco/NSA relationship was so close then WHY would the NSA do shipping intercepts on devices outbound to customers rather than just intercept it internal while at Cisco?
     
  30. NoOther

    NoOther [H]ardness Supreme

    Messages:
    4,927
    Joined:
    May 14, 2008
    I am telling you for a fact that they do. There is no secret in what the government uses for routers, the only secrets is in the overall architecture of their network stacks. There are some devices in the stack that they might keep secret, but the routers and switches are not one of them. I don't know what "shipping intercepts" you are talking about, but most shipments go to a centralized location and then are transported from there to the actual site for internal tracking purposes. That way they can check the equipment into a central database and they know what sites have what equipment, and then they know when it is out of date, needs to be upgraded, and make it easier to swap things in and out from a central source. This isn't much different from how large corporations operate.
     
  31. Ehren8879

    Ehren8879 Gots the Vaporwares

    Messages:
    4,197
    Joined:
    Sep 24, 2004
  32. VRT

    VRT Limp Gawd

    Messages:
    439
    Joined:
    Jul 15, 2016
    You are right for their COTS(Commercial Off The Shelf) stuff that isn't involved with the higher levels of security this is correct. But once you move past the office drones things change. You can bet your left nut that the NSA is using a lot of custom stuff, hell some of the bases around here do.

    Shipping intercepts is where the NSA will find out that a target is ordering a switch/router or other piece of equipment the NSA will redirect that shipment covertly to one of their labs and install some "interesting" firmware/hardware and then make it reenter the shipping center covertly. You can bet your right nut that the vendor gives the NSA no support in either doing this or developing the vectors of how this is done or how the firmware/hardware is developed.

    Cheers.
     
  33. NoOther

    NoOther [H]ardness Supreme

    Messages:
    4,927
    Joined:
    May 14, 2008
    I wouldn't bet my right nut on any of the stuff your saying. I have given you advice. You choose to believe something else, so I don't know what to tell you. You specifically talked about "routers being used by the NSA", I gave you the answer in regard to that. If you want to start talking about other security measures beyond "routing" or what the NSA itself uses, then that is an entirely different matter, but one I already alluded to in my posts.

    As far as the "intercepts", I don't know what to tell you about that either. Those routers are not routers specifically being used by the NSA. Those are routers being compromised by the NSA, that is something different. I really have no comments on that.
     
  34. BrainEater

    BrainEater Gawd

    Messages:
    726
    Joined:
    Jul 21, 2004
    That's what my Juniper buddy said.
    NO COMMENT

    haha

    anyways...
     
    NoOther likes this.
  35. EVIL-SCOTSMAN

    EVIL-SCOTSMAN 2[H]4U

    Messages:
    4,040
    Joined:
    Feb 28, 2006

    I did that to my dentist seconds before she was about to drill into my teeth.

    As she called me from the waiting room and as we were walking to her room, I said, oh I see your pregnant again congrat.... NO came the answer mid sentence.

    WTF moment number 56783526 just happened.

    I now know why I am usually in pain for days after my dental visits, like the last time where she only numbed only one of the teeth she was working on, she did inform me that this might hurt a little, wtf daft bitch you dont drill into unnumbed teeth and you stop when i say argh not when you feel enough pain has been inflicted.

    As for the OP's question.

    The dont use routers, they are old school and just stick an ethernet cable into an open non secured modem.