|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Cisco vulnerability and dangerous filtering techniques
-- On Wednesday, July 23, 2003 01:59 -0400 -- Richard A Steenbergen <[email protected]> supposedly wrote: On Tue, Jul 22, 2003 at 05:53:45PM -0400, [email protected] wrote:On Tue, 22 Jul 2003 17:51:20 EDT, [email protected] said: > I guess all folks with Ph.D. at Akamai really are paid for nothing if a > virus could calculate that with a few traceroutes. Let's hope not. :) I am not sure why you would even need "a few" traceroutes. Why not just load the virus with, say, the top 10 or 100 ASes, then use one of those kewlio traceroute programs that give you AS info. Do *one* or maybe a couple traceroutes, hit the last big AS in the list, and work your way back home.It's actually pretty easy if you get 20K distributed zombies doing the traceroutes and then distributing the data to each other. Given that data, it's pretty easy to compute the graph - every router running BGP has to do similar. :) Sounds like said virus implementor should go into the optimized routing business. Personally I'm gonna call bullshit on that one until I see it done. No comment. :) Last press release was a little over 15K boxes in over 1100 networks in 66 countries. But I would not call them zombies.The Akamai problem is how to do it *without* having 20K boxes doing traceroutes. ;)How many boxes does Akamai have? :) Is that more or less distributed than your typical 'bot-net? -- TTFN, patrick
|