nanog mailing list archives
Re: huawei
From: Michael Thomas <mike () mtcc com>
Date: Thu, 13 Jun 2013 17:39:18 -0700
On 06/13/2013 05:28 PM, Scott Helms wrote:
Bill, Certainly everything you said is correct and at the same time is not useful for the kinds traffic interception that's been implied. 20 packets of random traffic capture is extraordinarily unlikely to contain anything of interest and eve if you do happen to get a juicy fragment your chances of getting more ate virtually nil. An effective system must either capture and transmit large numbers of packets or have a command and control system in order to target smaller captures against a shifting list of addresses. Either of those things are very detectable. I've spent a significant amount of time looking at botnet traffic which has the same kind of requirements.
I think you're having a failure of imagination that anything less than a massive amount of information sent back to the attacker could be useful. I think there are lots and lots of things that could be extremely useful that would only require a simple message with "got here" back to the attacker if the "got here" condition was sufficiently interesting. Spying doesn't have the same motivations as typical botnets for illicit commerce. Mike
Current thread:
- Re: huawei (ZTE too), (continued)
- Re: huawei (ZTE too) Warren Bailey (Jun 13)
- Re: huawei (ZTE too) david peahi (Jun 13)
- Re: huawei (ZTE too) Jeroen Massar (Jun 13)
- Re: huawei (ZTE too) david peahi (Jun 13)
- Re: huawei (ZTE too) Jeroen Massar (Jun 13)
- Re: huawei (ZTE too) Leslie (Jun 13)
- Re: huawei (ZTE too) Randy Bush (Jun 14)
- Re: huawei Randy Bush (Jun 13)
- Re: huawei William Herrin (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Michael Thomas (Jun 13)
- Re: huawei Mark Seiden (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Michael Thomas (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Michael Thomas (Jun 13)
- Re: huawei Scott Helms (Jun 13)
- Re: huawei Phil Fagan (Jun 13)
- Re: huawei Rich Kulawiec (Jun 14)
- Re: huawei Tom Taylor (Jun 14)
- Re: huawei Valdis . Kletnieks (Jun 14)