Full Disclosure mailing list archives
Re: In-band signalling (was: Re: NuralStorm Webmail Multiple Vulnerabilities)
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Sat, 24 Jul 2010 22:08:15 +0200 (CEST)
On Sat, 17 Jul 2010, Dan Kaminsky wrote:
Out of band signaling can be made to work in small networks.
What does "out of band" mean in that sentence? The original meaning of "out of band" was "out of the frequency band used to transmit end-to-end voice communication". As frequency division multiplexing was replaced by other (mostly digital) methods of signal encoding and multiplexing, the term acquired a more abstract meaning with "band" denoting any kind of multiplexed channel. Out-of-band signalling in this abstract sense is one of the major features of SS7. I do not think you want to call the global SS7-based phone network "small".
In larger networks and systems, the problem is -- what makes you think you have simply two planes? We call them n-tier, not 2-tier after all.
If you know how to split a communication channel into two separated subchannels then you can apply the approach recursively and get any number of subchannels and any number of tiers you want (as long as you do not hit physical limits).
So the game, as I see it, isn't to demand out of band operations. The game is to engineer systems that can strongly maintain separation between contexts, in band.
Again, what does "out of band" (and "in band") mean in that sentence? In fact, "the need to engineer systems to maintain strong separation between contexts" is more or less the lesson to be learned I talked about. BTW: Between? What makes you think you have simply two contexts? :) -- Pavel Kankovsky aka Peak / Jeremiah 9:21 \ "For death is come up into our MS Windows(tm)..." \ 21st century edition / _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: NuralStorm Webmail Multiple Vulnerabilities, (continued)
- Re: NuralStorm Webmail Multiple Vulnerabilities musnt live (Jul 12)
- Re: NuralStorm Webmail Multiple Vulnerabilities Pavel Kankovsky (Jul 15)
- Re: NuralStorm Webmail Multiple Vulnerabilities musnt live (Jul 15)
- Re: NuralStorm Webmail Multiple Vulnerabilities Christoph Gruber (Jul 15)
- Re: NuralStorm Webmail Multiple Vulnerabilities Justin Klein Keane (Jul 15)
- Re: NuralStorm Webmail Multiple Vulnerabilities musnt live (Jul 15)
- Re: NuralStorm Webmail Multiple Vulnerabilities Pavel Kankovsky (Jul 15)
- Re: NuralStorm Webmail Multiple Vulnerabilities Valdis . Kletnieks (Jul 15)
- In-band signalling (was: Re: NuralStorm Webmail Multiple Vulnerabilities) Pavel Kankovsky (Jul 17)
- Re: In-band signalling (was: Re: NuralStorm Webmail Multiple Vulnerabilities) Dan Kaminsky (Jul 17)
- Re: In-band signalling (was: Re: NuralStorm Webmail Multiple Vulnerabilities) coderman (Jul 17)
- Re: In-band signalling (was: Re: NuralStorm Webmail Multiple Vulnerabilities) Pavel Kankovsky (Jul 24)
- Re: NuralStorm Webmail Multiple Vulnerabilities musnt live (Jul 12)