nanog mailing list archives
Re: huawei
From: William Herrin <bill () herrin us>
Date: Thu, 13 Jun 2013 18:45:18 -0400
On Thu, Jun 13, 2013 at 1:20 PM, Scott Helms <khelms () zcorum com> wrote:
if one of my routers starts sending cat photos somewhere, no matter how cute, I'm gonna consider that suspicious.
Hi Scott, If once every 24 hours or so your router borrows the source IP of a packet it recently passed and uses it to send a burst of 20 intentionally unacknowledged packets containing a cat photo, your odds of noticing are very close to zero and your odds of tracing it to the router are even worse. Implementing a magic-packet remote kill switch is even easier... and completely undetectable until used. With a little effort you could implement it in the forwarding hardware where even a thorough analysis of the firmware image can't detect it. Regards, Bill Herrin -- William D. Herrin ................ herrin () dirtside com bill () herrin us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
Current thread:
- Re: huawei (ZTE too), (continued)
- Re: huawei (ZTE too) Mikael Abrahamsson (Jun 13)
- Message not available
- Re: huawei (ZTE too) Bryan Fields (Jun 13)
- Re: huawei (ZTE too) Warren Bailey (Jun 13)
- Re: huawei (ZTE too) david peahi (Jun 13)
- Re: huawei (ZTE too) Jeroen Massar (Jun 13)
- Re: huawei (ZTE too) david peahi (Jun 13)
- Re: huawei (ZTE too) Jeroen Massar (Jun 13)
- Re: huawei (ZTE too) Leslie (Jun 13)
- Re: huawei (ZTE too) Randy Bush (Jun 14)
- Re: huawei Randy Bush (Jun 13)
- Re: huawei William Herrin (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Michael Thomas (Jun 13)
- Re: huawei Mark Seiden (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Michael Thomas (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Michael Thomas (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Phil Fagan (Jun 13)
- Re: huawei Rich Kulawiec (Jun 14)