Full Disclosure mailing list archives
Re: ASN.1 telephony critical infrastructure warning - VOIP
From: jan.muenther () nruns com
Date: Wed, 18 Feb 2004 18:36:47 +0100
Vladis,
We don't see dedicated and targeted attacks at 4 million cablemodem users designed to drop off trojans, ddos zombies, and similar.
Sure. I wasn't claiming that worms don't get deployed, neither that they do not pose a huge problem. My point was rather that the fact something might not be an addressable target for a worm it doesn't automatically make it an unattractive target altogether. Just because it can't be mass-exploited, doesn't mean people are not going to use it as an entry point. We haven't seen worms for a whole bunch of Unix vulnerabilities that pretty much appeared in all variants, free or not. Still, these are being actively exploited on a daily basis. The fact that these things are not maxing out people's bandwidth or just make the machine blatantly unusable sure makes them less noticed. However, if you care about the specific security of data on your network, they're at risk all the same. In this regard (beat me for this), worms like MSBlaster sure did have security-enhancing side effect, because people patched their boxen that otherwise wouldn't have even thought about it - or noticed.
Many of the worst "dedicated and targeted attacks" of late presuppose the presence of a zombie net - preventing the formation of such a net then makes the attack a lot harder to carry out.
I'm not talking about DDoS, and a zombie net isn't necessary to obfuscate the origin of your actions. I mean the 'find target, strike, cover your ass' sort of attack. VoIP installations sure is an attractive target for such operations, don't you think?
And for that matter, installation of a keystroke logger to sniff out credit card numbers *IS* a dedicated and targeted attack - on the credit card system.
I don't quite get your point here - did I claim anything else? Cheers, J. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- ASN.1 telephony critical infrastructure warning - VOIP Gadi Evron (Feb 17)
- Re: ASN.1 telephony critical infrastructure warning - VOIP Michal Zalewski (Feb 17)
- RE: ASN.1 telephony critical infrastructure warning - VOIP Zak Dechovich (Feb 17)
- Re: ASN.1 telephony critical infrastructure warning - VOIP Michael Samuel (Feb 18)
- Re: ASN.1 telephony critical infrastructure warning - VOIP jan . muenther (Feb 18)
- Re: ASN.1 telephony critical infrastructure warning - VOIP Valdis . Kletnieks (Feb 18)
- Re: ASN.1 telephony critical infrastructure warning - VOIP jan . muenther (Feb 18)
- RE: ASN.1 telephony critical infrastructure warning - VOIP Zak Dechovich (Feb 17)
- Re: ASN.1 telephony critical infrastructure warning - VOIP Michal Zalewski (Feb 17)
- RE: ASN.1 telephony critical infrastructure warning - VOIP David Wilson (Feb 23)
- Re: ASN.1 telephony critical infrastructure warning - VOIP daniel uriah clemens (Feb 17)
- Re: ASN.1 telephony critical infrastructure warning - VOIP Florian Weimer (Feb 17)
- Re[2]: ASN.1 telephony critical infrastructure warning - VOIP 3APA3A (Feb 18)
- <Possible follow-ups>
- RE: ASN.1 telephony critical infrastructure warning - VOIP John LaCour (Feb 17)
- Re: ASN.1 telephony critical infrastructure warning - VOIP Joseph M Hoffman (Feb 19)