So detection on Five Eyes variants is right out then?
Cisco tool IDs malware in the firmware
Cisco's moved on the “SYNful knock” vulnerability with a free tool letting admins test their routers for fudged firmware. The vulnerability emerged in August, when The Borg warned that its ROMMON firmware had been reverse-engineered. That meant a privileged user could flash routers with compromised versions. Within a month, …