nanog mailing list archives

Re: huawei
From: Phil Fagan <philfagan () gmail com>
Date: Thu, 13 Jun 2013 20:37:03 -0600

What protocols have empty space in the headers whereby I can add my
'message' and send it along with legit traffic? I would think most all..

On Thu, Jun 13, 2013 at 8:16 PM, Scott Helms <khelms () zcorum com> wrote:

What protocol is a DPI vector?  In what way is making a router even
remotely efficient as a method of end to end covert communication? There
are thousands (if not millions) of ways for two hosts to exchange data
without it being detectable that's much faster and cheaper than involving
the network infrastructure.

Kill switches and secret back doors are all feasible but the rest of this
is fantasy.
On Jun 13, 2013 10:05 PM, "Michael Thomas" <mike () mtcc com> wrote:

On 06/13/2013 06:57 PM, Scott Helms wrote:

What you're describing is a command and control channel unless you're
suggesting that the router itself had the capacity to somehow discern
That's the problem with all the pixie dust theories.  The router
it doesn't know who the rebels are much less their net block ahead of
Something has to pass rules to the box to be able trigger off of.

I think you're misunderstanding: the router is watching traffic and gives
that "we're gassing the rebels" that was added to all of the DPI vectors
which get surreptitiously added to the other DPI terms unbeknownst to the
owner and sent back to the attacker. That's enormously powerful. All it
is sufficient money and motivation. Is this speculative? Of course -- I'm
a spook. Is it possible? You bet.


Phil Fagan
Denver, CO
