InShortViral: OS of Juniper Networks Sales for managing Firewall discovered to carry an unauthorized code that decrypts the traffic and quietly sent through a virtual secret network, the company warned.
Operating system consists of Juniper Networks Sales for managing Firewall discovered to carry an unauthorized code that decrypts the traffic and quietly sent through a virtual secret network, the staff of the company warned on Thursday.
It is not clear how these codes resemble, and the proximity of the long. This issued by the company’s message, by utilizing ScreenOS 6.2.0r15 to 6.2.0r18 there 6.3.0r12 to 6.3.0r20 of NetScreen in which firewalls are affected, wanting urgent repair. Juniper declared the first official announcement recommendation attack version will be affected by the inquiry should be at least until 2012 or even earlier. There is no evidence indicating that the back door was also placed on the other Juniper Networks operating system or device.
Juniper Warns of Spying Code in Firewalls With ScreenOS Backdoored
“In a recent internal code review, Juniper Networks ScreenOS discovered unauthorized code, allowing the senior attacker to gain administrative privileges to the NetScreen device and decrypting VPN connection,” chief information officer, Juniper Networks Bob Worrall wrote. “Once we have identified these loopholes, we will expand the investigation into the matter, and efforts to develop and release a patch version ScreenOS latest version, Download Here.”
Juniper Networks independent consultants mentioned, there are two different vulnerabilities is not enough to be called “unauthorized code.” The announcement mentioned, “The first vulnerability could allow the affected equipment unauthorized remote management access via SSH or Telnet the vulnerability can lead to a thorough second vulnerability could allow harm can monitor VPN traffic, a senior attack persons and decrypt the traffic. “The first vulnerability is an independent existence, there is no way to detect if the vulnerability has been exploited.”
They also said that VPN-breaking code causes the unauthorized code, rather than an accident of programming flaws, which led in ScreenOS deliberate tampering. For such tampering, the most likely culprit is the United States National Security Agency or one of their many colleagues around the world. By former National Security Agency contractor, Edward Snowden leaked confidential documents show that agents from the National Security Agency to intercept network equipment company Cisco Systems, just because they are delivered to the customer. Before they are sent to their final destination in the information in the device firmware installed hidden implants.
Because many processes are involved, the installation of unauthorized code to an official of the operating system behavior has been more subtle, and in recent years seems to have become a more sophisticated and forward work. The weekly published a report in 2013 said, for Juniper Networks Firewall action the US National Security Agency called FEEDTHROUGH work, which gives the agency provides continuous back door.
Also Read: Top Best Hacking Tutorials In 2016
The article reported: “This malicious software mining Juniper’s firewall, and possibly steal other plans to the US National Security Agency on mainframe computers thanks, FEEDTROUGH, these implants can be designed, and even reboot and software upgrades. In this way, the US government can retain its own spies in a computer network to obtain a long-existing directory FEEDTROUGH deployed in many of the target platforms. “
Of course, it can also install some other way at the back door. Juniper Networks does not mention suspected consultant who moved the hands and feet as well as the steps taken to find the back door. Ars Juniper has asked for more details, please sustained attention.