The company warned that the OS of Juniper Networks Sales for managing Firewall was discovered to carry an unauthorized code that decrypts the traffic and is quietly sent through a virtual secret network.
The operating system consists of Juniper Networks Sales for managing Firewall discovered to carry an unauthorized code that decrypts the traffic and quietly sends through a virtual secret network, the company’s staff warned on Thursday.
It is not clear how these codes resemble and the proximity of the long. Juniper declared the first official announcement recommendation attack version would be affected by the inquiry should be at least until 2012 or even earlier. This is issued by the company’s message; by utilizing ScreenOS 6.2.0r15 to 6.2.0r18, there are 6.3.0r12 to 6.3.0r20 of NetScreen in which firewalls are affected, wanting urgent repair. No evidence indicates that the back door was also placed on the other Juniper Networks operating system or device.
Juniper Warns of Spying Code in Firewalls With ScreenOS Backdoored
“In a recent internal code review, Juniper Networks ScreenOS discovered unauthorized code, allowing the senior attacker to gain administrative privileges to the NetScreen device and decrypting VPN connection,” chief information officer of Juniper Networks Bob Worrall wrote. “Once we have identified these loopholes, we will expand the investigation into the matter and efforts to develop and release a patch version ScreenOS latest version, Download Here.”
Juniper Networks’ independent consultants mentioned that two different vulnerabilities are not enough to be called “unauthorized code.” The announcement said, “The first vulnerability could allow the affected equipment unauthorized remote management access via SSH or Telnet. The vulnerability can lead to a particular second vulnerability that could allow harm can monitor VPN traffic, a senior attack person, and decrypt the traffic. “The first vulnerability is an independent existence; there is no way to detect if the vulnerability has been exploited.”
They also said that VPN-breaking code causes the unauthorized code, rather than an accident of programming flaws, leading to ScreenOS deliberate tampering. For such tampering, the most likely culprit is the United States National Security Agency or one of their many colleagues worldwide. Former National Security Agency contractor Edward Snowden leaked confidential documents showing that agents from the National Security Agency intercept network equipment company Cisco Systems just because they are delivered to the customer. Before they are sent to their final destination, the information in the device firmware installed hidden implants.
Because many processes are involved, installing unauthorized code to an official operating system behavior has been more subtle. In recent years, it seems to have become a more sophisticated and forward work. The weekly published a report in 2013 that said, for Juniper Networks Firewall action, the US National Security Agency called FEEDTHROUGH work, which gives the agency provides continuous back door.
Also Read: Top Best Hacking Tutorials
The article reported: “This malicious software mining Juniper’s firewall, and possibly steal other plans to the US National Security Agency on mainframe computers thanks, FEED TROUGH, these implants can be designed, and even reboot and software upgrades. This way, the US government can retain its spies in a computer network to obtain a long-existing directory FEED TROUGH deployed in many of the target platforms. “
Of course, it can also install another way at the back door. Juniper Networks does not mention the suspected consultant who moved the hands and feet or the steps to find the back door. Ars Juniper has asked for more details; please sustain attention.