Home page logo
/

dailydave logo Dailydave mailing list archives

Re: tubes clogged
From: Fyodor <fygrave () gmail com>
Date: Tue, 30 Dec 2008 09:18:10 +0800

"...their research required massive computational resources that had to be
utilized within a specific window of time": indicates some form of
brute-force cryptokey cracking.


the "specific window of time" bit makes me think of some sort of
session keys, heh :)

Also, somehow the "abusing the Internet" thing  became synonymical to
"abusing internet routing protocols" (otherwise why everyone is
bringing up the BGP issue). Can't there be other things to be abused?
like authentication certs, PKI infrastructures, authentication
mechanisms to control domain naming, RIPE or other registrar databases
... ?

Say, if you're able to manipulate registrar database, there are alot
of things you could do without actually having to mock with protocols
at low level. Computation-wise, in old days it was enough to crack a
DES hash (queryable by anyone, crackable with rainbow tables) to
control AS entries, and IMHO they haven't improved much since that
time (md5 instead of des is still not a big deal if you have "massive
computational resources").
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault