27 May
2008
27 May
'08
8:42 a.m.
An alternative rootkit ? Privilege level 16 used by the Lawful Intercept [12] feature could be abused to do some of this too. Or the other way around: use a "patched" IOS to keep an eye on Law Enforcement's >operations on the router as privilege level 15 doesn't allow it and the only alternative is to sniff the traffic export.
The combination of rootkits and specially privileged Lawful Intercept functions is a very dangerous one. This was precisely what was exploited in the now-legendary and still unsolved Vodafone Greece hack. Alex