When inspecting IT / MDF / IDF rooms for unauthorized equipment and connections be sure to include a visual inspection of the router switches. While not a definitive evaluation, visual indicators are important first clues. Example…
Currently, one of the most popular switches one is likely to encounter is the Cisco 2960.
Spotting Counterfeit IT Gear
“The suspected counterfeit switch (left) has port numbers in bright white, while the known genuine device has them in grey. The text itself is misaligned. The triangles indicating different ports are different shapes.” (F-Secure)
Additionally, note the thickness of the top gray bars and the shade differences of the yellow. Fonts, text alignment and color shades are the prominent external indicators of fake or counterfeit items in general. Once sensitized to this, spotting fakes becomes much more easy. A YouTube video about fake calipers provides an excellent educational start.
In this photo note, “The mode button’s shape is slightly different. The square next to themanagement port is greenish on the counterfeit switch. On the genuine device, it is bright yellow.”
Internal inspection is another way to spot counterfeit IT gear. It reveals more clues, such as: missing authentication stickers, sloppy assembly, integrated circuits without identification markings, and “extra” components—possibly spy related—soldered onto the circuit board.
As always, if you see something, say something. (pdf version)
###
Murray Associates is an independent security consulting firm, providing eavesdropping detection and counterespionage services to business, government and at-risk individuals.
Headquartered in the New York metropolitan area, a Murray Associates team can assist you quickly, anywhere in the United States, and internationally.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.