Interesting People mailing list archives
IP: more on -- Industry Standard Article on Carnivore
From: Dave Farber <farber () cis upenn edu>
Date: Wed, 26 Jul 2000 10:41:27 -0400
To: Dave Farber <farber () cis upenn edu>, "Jason L. Rosensweig" <jason.rosensweig () nist gov> cc: mts () off to From: "Michael T. Stolarchuk" <mts () off to> Dave, i want to introduce myself for a second, i'm michael stolarchuk, and i've been involved with sniffing technologies for at least five years. i'm the last author of the core sniffing engine for NFR, Network Flight Recorder, and before that, I was involved in a project to perform packet sniffing for Honeyman's packet vault at citi of the University of Michigan ... i belive that qualifies me as a good source of information, if not an expert... because of my background i have good knowledge of what sniffing technologies can do, and what they can't do... I have issue with in the article from mr.Rosensweig... specifically: Carnivore can pick up only the packets that use the Internet protocol address to which the FBI has been granted access by court order, Kerr said. Now, as all of us know, if you can sniff the packets, then all the traffic is available for `Carnivore'. I don't see any guarantees that it will ONLY review mesages that its supposed to collect. I believe the `agency' be would be reluctant to allow the interpositioning of some device which would guarantee the safety of the data which Carnivore would see... After all, such a device may very well discard the very data which the `agency' is trying to locate. In addition, i would guess many of the machine which the agency would want to monitor would likely NOT have a single fixed IP address.. If that isn't the case, then they are sniffing from some mail intermediary, which implies they have access to *ALL* the mail which is available at that ISP, not just the mail from some particular machine. mts.
Current thread:
- IP: more on -- Industry Standard Article on Carnivore Dave Farber (Jul 26)