Advisory - tunneling of IP at exchange points.

• Previous message (by thread): Advisory - tunneling of IP at exchange points.
• Next message (by thread): Advisory - tunneling of IP at exchange points.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 I've received a swathe of private email pointing out other and more 
complex methods of this exploit. The reason we were not keen to go 
into detail about things like this is that the advisory was a "heads 
up" to a large public forum and it would be nice if people would not 
mention more detailed exploits on such a public forum as NANOG :)

 I can think of at least three methods to perform this exploit in 
such a way as to invalidate the suggested, or in some cases *any*, 
filtering and restrict detection to netflow and the like. My personal 
view is that people that are clueful enough to do so probably won't 
so I'm not keen to educate people in this way ;)

Cheers,

Lyndon Levesley
GX Networks (formerly Xara Networks)



-- 
Penis Envy is a total Phallusy.

• Previous message (by thread): Advisory - tunneling of IP at exchange points.
• Next message (by thread): Advisory - tunneling of IP at exchange points.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]