Network client list Unknown Client

"But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies."

https://www.bloomberg.com/news/feat...ny-chip-to-infiltrate-america-s-top-companies

:)

OE
I remember reading that story at the time, and frankly I was very sceptical. It was long on hyperbole and thin on facts. Lots of column inches dedicated to unconfirmed accusations but only a passing mention of Amazon and Apple flatly denying it was true. I see the consensus now is that Bloomberg got it wrong.
 
I don't know if the story is true or not, I don't have the resources to follow the money to find the truth, but a second, hardwired IP is real.

I would be replacing that equipment asap. I would be disconnecting it pronto.
 
I'd be more inclined to suspect that there's some software running on the PC that has created a virtual interface on the physical interface and is using a randomly generated MAC address. Similar to what wireless repeaters do. Either way, if it happens again he could do an "ipconfig /all" to see where it's coming from.
 
I have hinted at that too, in the posts above. :)

But it doesn't stop the possibility that this is an unwanted intrusion.
 
Cisco products were found to have embedded bugs as well (I believe they were inserted in transit, at least according to the original report), yet I don't see everyone ditching Cisco just yet.

Interesting how the US market gets paranoid with anything from China, yet when something similar happens in their own backyard, they conveniently "forget" about it.
 
Thank you! One more reason for me to stay away from Cisco as I have been doing so far. :)
 
Scratch Juniper as the alternative then - backdoors were found in their code a year or two ago...

What this amounts to is: if you are trying to find issues with any manufacturer, you WILL find some. And oddly enough, the US market seems to be great at pointing out issues with foreign products, yet they turn a blind eye on their own backyard issues. The mass surveillance from the NSA, all the software holes the NSA kept for themselves and actively exploited... Nobody talks about them anymore. But hey, let's block Huawei from providing us with 5G products, even if their technology might be better than ours. Actually, ESPECIALLY because it's better. Gotta protect our market, rather than drive ourselves to improve. So, let's accuse them of MAYBE spying on us, while we ignore that the NSA is already doing it as a matter of fact.

I better stop there, because I could keep going on this for a very long time...
 
RMerlin, I agree and see the point(s) you are making, but those manufacturers have never been on my purchasing or recommendation list, at least not seriously (after a few months of research and cost-benefit analysis).

My only point here is: what is being transferred, and to whom, in this approximately 5 to 6 MB of 'data' every few days? I don't think I'm being over-paranoid here. Am I?

I haven't seen anything like this in any network I've worked on, or my own. This seems at least a little alarming at this time. Can you shed any further thoughts on this aspect of the thread?
 
Could just be the Trend Micro DPI mis-identifying the service as Checkpoint when it's a Supermicro MAC.

He'll need to check the inbound/outbound connections while it occurs to see what the remote endpoint is - that would probably allow identifying the traffic.
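One way to do that check on the router itself, as an added example that is not code from the thread or from Asuswrt-Merlin: a POSIX shell function that reads the live conntrack table, keeps only flows originated by the suspect LAN client, and groups them by protocol and remote endpoint with the outbound byte count. It assumes /proc/net/nf_conntrack in the Linux kernel format with byte accounting enabled (net.netfilter.nf_conntrack_acct=1); the LAN and remote addresses in the sample are constructed.

```shell
#!/bin/sh
# Summarise conntrack flows for one LAN client: "proto remote:port bytes_out flows",
# largest outbound byte count first. Run while the suspicious transfer is happening.
# Assumption: byte accounting is on; without it the bytes column is absent and reads as 0.

# Constructed sample of /proc/net/nf_conntrack lines (not captured from a real router).
SAMPLE_CONNTRACK='ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.50 dst=203.0.113.10 sport=50514 dport=443 packets=4200 bytes=5800000 src=203.0.113.10 dst=198.51.100.7 sport=443 dport=50514 packets=2100 bytes=150000 [ASSURED] mark=0 use=1
ipv4     2 udp      17 29 src=192.168.1.50 dst=192.168.1.1 sport=51000 dport=53 packets=1 bytes=60 src=192.168.1.1 dst=192.168.1.50 sport=53 dport=51000 packets=1 bytes=120 mark=0 use=1
ipv4     2 tcp      6 300 ESTABLISHED src=192.168.1.77 dst=203.0.113.99 sport=40000 dport=443 packets=10 bytes=900 src=203.0.113.99 dst=198.51.100.7 sport=443 dport=40000 packets=8 bytes=700 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.50 dst=203.0.113.10 sport=50520 dport=443 packets=100 bytes=200000 src=203.0.113.10 dst=198.51.100.7 sport=443 dport=50520 packets=90 bytes=9000 [ASSURED] mark=0 use=1'

# client_flows <lan-ip> [conntrack-text]
# Reads the kernel table unless conntrack text is passed as the second argument.
client_flows() {
    lan_ip=$1
    input=${2:-$(cat /proc/net/nf_conntrack)}
    printf '%s\n' "$input" | awk -v ip="$lan_ip" '
    {
        # The first src=/dst=/dport=/bytes= on a line describe the original
        # (client-initiated) direction; the repeated ones are the reply direction.
        for (k in first) delete first[k]
        for (i = 1; i <= NF; i++)
            if (split($i, kv, "=") == 2 && !(kv[1] in first)) first[kv[1]] = kv[2]
        if (first["src"] != ip) next
        key = $3 " " first["dst"] ":" first["dport"]
        out[key] += first["bytes"] + 0
        flows[key]++
    }
    END { for (k in out) printf "%s %d %d\n", k, out[k], flows[k] }' | sort -k3,3nr
}
```

A remote endpoint that shows up with several MB outbound every few days is the one to resolve and look up; the DPI service label alone does not tell you where the data went.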
 
And the actual data stream? What would be the best way to see what is being transferred?
 
If it's over TLS, you can't.