Dailydave mailing list archives
Re: tubes clogged
From: Fyodor <fygrave () gmail com>
Date: Tue, 30 Dec 2008 09:18:10 +0800
"...their research required massive computational resources that had to be utilized within a specific window of time": indicates some form of brute-force cryptokey cracking.
the "specific window of time" bit makes me think of some sort of session keys, heh :) Also, somehow the "abusing the Internet" thing became synonymical to "abusing internet routing protocols" (otherwise why everyone is bringing up the BGP issue). Can't there be other things to be abused? like authentication certs, PKI infrastructures, authentication mechanisms to control domain naming, RIPE or other registrar databases ... ? Say, if you're able to manipulate registrar database, there are alot of things you could do without actually having to mock with protocols at low level. Computation-wise, in old days it was enough to crack a DES hash (queryable by anyone, crackable with rainbow tables) to control AS entries, and IMHO they haven't improved much since that time (md5 instead of des is still not a big deal if you have "massive computational resources"). _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- tubes clogged Alexander Sotirov (Dec 29)
- Re: tubes clogged Jared DeMott (Dec 29)
- Re: tubes clogged J. Oquendo (Dec 29)
- Re: tubes clogged Can Erkin Acar (Dec 29)
- Re: tubes clogged Jess Kitchen (Dec 29)
- Re: tubes clogged J. Oquendo (Dec 29)
- Re: tubes clogged H D Moore (Dec 29)
- Re: tubes clogged Petja van der Lek (Dec 29)
- Re: tubes clogged Fyodor (Dec 29)
- Re: tubes clogged Jess Kitchen (Dec 29)
- Re: tubes clogged Thorsten Holz (Dec 30)
- Re: tubes clogged dan (Dec 30)
- Re: tubes clogged Paul Melson (Dec 30)
- Re: tubes clogged Petja van der Lek (Dec 29)
- Re: tubes clogged Jared DeMott (Dec 29)
- MD5 Considered Harmful Today: Creating a rogue CA certificate Alexander Sotirov (Dec 30)
- Re: MD5 Considered Harmful Today: Creating a rogue CA certificate Charles Miller (Dec 30)
- Re: MD5 Considered Harmful Today: Creating a rogue CA certificate Thomas Ptacek (Dec 30)