nanog mailing list archives
Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations
From: "Crist Clark" <Crist.Clark () globalstar com>
Date: Thu, 04 Feb 2010 14:26:23 -0800
On 2/4/2010 at 12:27 PM, Christopher Morrow
<morrowc.lists () gmail com> wrote:
On Thu, Feb 4, 2010 at 3:19 PM, Gadi Evron <ge () linuxbox org> wrote:"That peer-review is the basic purpose of my Blackhat talk and the
associated
paper. I plan to review Cisco’s architecture for lawful intercept
and explain
the approach a bad guy would take to getting access without
authorization.
I’ll identify several aspects of the design and implementation of
the Lawful
Intercept (LI) and Simple Network Management Protocol Version 3
(SNMPv3)
protocols that can be exploited to gain access to the interface, and
provide
recommendations for mitigating those vulnerabilities in design, implementation, and deployment." this seems like much more work that matt blaze's work that said:
"Just
send more than 10mbps toward what you want to sneak around... the LEA's pipe is saturated so nothing of use gets to them"
The Cross/XForce/IBM talk appears more to be about unauthorized access to communications via LI rather than evading them, "...there is a risk that [LI tools] could be hijacked by third parties and used to perform surveillance without authorization." Of course, this has already happened, http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005
Current thread:
- lawful intercept/IOS at BlackHat DC, bypassing and recommendations Gadi Evron (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Christopher Morrow (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Christopher Morrow (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Tony Varriale (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Crist Clark (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Christopher Morrow (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Steven Bellovin (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Christopher Morrow (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Steven Bellovin (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Marcus Reid (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Christopher Morrow (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Christopher Morrow (Feb 04)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Mark Smith (Feb 05)
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations isabel dias (Feb 06)
- <Possible follow-ups>
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations andrew.wallace (Feb 04)