In-Reply-To: <CAMrdfRx6H9O7ZjNZ6mezPiBYDpuqbQVJSrJyBPLCk_F=XsZPfw@mail.gmail.com>
From: Phil Fagan <philfagan@gmail.com>
Date: Thu, 13 Jun 2013 20:37:03 -0600
To: Scott Helms <khelms@zcorum.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

What protocols have empty space in the headers whereby I can add my
'message' and send it along with legit traffic? I would think most all..

On Thu, Jun 13, 2013 at 8:16 PM, Scott Helms <khelms@zcorum.com> wrote:

> What protocol is a DPI vector? In what way is making a router even
> remotely efficient as a method of end to end covert communication? There
> are thousands (if not millions) of ways for two hosts to exchange data
> without it being detectable that's much faster and cheaper than involving
> the network infrastructure.
>
> Kill switches and secret back doors are all feasible but the rest of this
> is fantasy.
>
> On Jun 13, 2013 10:05 PM, "Michael Thomas" <mike@mtcc.com> wrote:
>
> > On 06/13/2013 06:57 PM, Scott Helms wrote:
> >
> > > What you're describing is a command and control channel unless you're
> > > suggesting that the router itself had the capacity to somehow discern
> > > that. That's the problem with all the pixie dust theories. The router
> > > can't, it doesn't know who the rebels are much less their net block
> > > ahead of time. Something has to pass rules to the box to be able
> > > trigger off of.
> >
> > I think you're misunderstanding: the router is watching traffic and gives
> > clues that "we're gassing the rebels" that was added to all of the DPI
> > vectors which get surreptitiously added to the other DPI terms
> > unbeknownst to the owner and sent back to the attacker. That's enormously
> > powerful. All it takes is sufficient money and motivation. Is this
> > speculative? Of course -- I'm not a spook. Is it possible? You bet.
> >
> > Mike

--
Phil Fagan
Denver, CO
970-480-7618