Re: Revealed: The Internet's Biggest Security Hole

• From: Jason Ross
• Date: Wed Aug 27 22:21:18 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On Wed, Aug 27, 2008 at 9:52 PM,  <[email protected]> wrote:
> Yes, wonderful preso!  My biggest take-away was the fact that the
> vast majority of the attendees did not understand the gravity of the
> demo.

Agreed on both counts: the presentation was great, and largely not
understood it seemed.

>>
>> hehe
>> "new". hehe
>>
>> Maybe something will change now' though, it was a great and
>> impressive presentation, hijacking the defcon network and tweaking
>> TTL to hide it.
>>

Notably, Alex and Tony both mentioned that the BGP tricks were not new
during the presentation, and commented that it would essentially not be
surprising to anyone that groks routing at the level that most of the
folks on this list does.

What was new though according to their presentation (and it was new to
me certainly, but I'm still fairly green) was the AS Path prepending to
complete the circuit, and as you mentioned, the TTL magicks to hide
the hops.

I was suitably impressed at that.

--
Jason

• References:
  • Re: Revealed: The Internet's Biggest Security Hole marcus.sachs

• Prev by Date: Re: Revealed: The Internet's Biggest Security Hole
• Next by Date: Re: Revealed: The Internet's Biggest Security Hole
• Date Index
• Thread Index
• Author Index
• Historical