nanog mailing list archives
Re: Cisco vulnerability and dangerous filtering techniques
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Wed, 23 Jul 2003 08:09:11 -0400
-- On Wednesday, July 23, 2003 01:59 -0400 -- Richard A Steenbergen <ras () e-gerbil net> supposedly wrote:
On Tue, Jul 22, 2003 at 05:53:45PM -0400, Valdis.Kletnieks () vt edu wrote:On Tue, 22 Jul 2003 17:51:20 EDT, alex () yuriev com said: > I guess all folks with Ph.D. at Akamai really are paid for nothing if a > virus could calculate that with a few traceroutes.
Let's hope not. :)
It's actually pretty easy if you get 20K distributed zombies doing the traceroutes and then distributing the data to each other. Given that data, it's pretty easy to compute the graph - every router running BGP has to do similar. :)
I am not sure why you would even need "a few" traceroutes. Why not just load the virus with, say, the top 10 or 100 ASes, then use one of those kewlio traceroute programs that give you AS info. Do *one* or maybe a couple traceroutes, hit the last big AS in the list, and work your way back home.
Sounds like said virus implementor should go into the optimized routing business. Personally I'm gonna call bullshit on that one until I see it done.
No comment. :)
The Akamai problem is how to do it *without* having 20K boxes doing traceroutes. ;)How many boxes does Akamai have? :)
Last press release was a little over 15K boxes in over 1100 networks in 66 countries. But I would not call them zombies.
Is that more or less distributed than your typical 'bot-net? -- TTFN, patrick
Current thread:
- Re: Cisco vulnerability and dangerous filtering techniques, (continued)
- Re: Cisco vulnerability and dangerous filtering techniques jgraun (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques Valdis . Kletnieks (Jul 22)
- RE: Cisco vulnerability and dangerous filtering techniques Austad, Jay (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques Chris Lewis (Jul 22)
- RE: Cisco vulnerability and dangerous filtering techniques alex (Jul 22)
- RE: Cisco vulnerability and dangerous filtering techniques Austad, Jay (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques Steve (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques alex (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques Valdis . Kletnieks (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques Richard A Steenbergen (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques Patrick W. Gilmore (Jul 23)
- Re: Cisco vulnerability and dangerous filtering techniques Steve (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques jgraun (Jul 22)
- Re: Cisco vulnerability and dangerous filtering techniques Valdis . Kletnieks (Jul 22)
- RE: Cisco vulnerability and dangerous filtering techniques Patrick W. Gilmore (Jul 23)
- RE: Cisco vulnerability and dangerous filtering techniques alex (Jul 23)
- Re: Cisco vulnerability and dangerous filtering techniques Scott McGrath (Jul 23)
- Re: Cisco vulnerability and dangerous filtering techniques Patrick W. Gilmore (Jul 23)