Home page logo
/

nanog logo nanog mailing list archives

Re: huawei
From: Rich Kulawiec <rsk () gsp org>
Date: Sat, 15 Jun 2013 08:13:50 -0400


First: this is a fascinating discussion.  Thank you.

Second:

On Sat, Jun 15, 2013 at 01:56:34AM -0500, Jimmy Hess wrote:
There will be indeed be _plenty_ of ways that a low bit rate channel
can do everything the right adversary needs.

A few bits for second is plenty of data rate for  sending control
commands/rule changes to a router backdoor mechanism, stealing
passwords, or leaking cryptographic keys   required to decrypt the VPN
data stream intercepted from elsewhere on the network,   leaking
counters, snmp communities, or interface descriptions,   or
criteria-selected forwarded data samples, etc....

I was actually thinking much slower: a few bits per *day*.  Maybe slower yet.

(So what if it takes a month to transmit a single 15-character password?)

For people who think in terms of instant gratification, or perhaps,
in next-quarter terms, or perhaps, in next-year terms, that might be
unacceptabe.  But for people who think in terms of next-decade or
beyond, it might suffice.

And if the goal is not "get the password for router 12345" but "get as
many as possible", then a scattered, random, slow approach might yield
the best results -- *because* it's scattered, random, and slow.

---rsk


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault