Cisco vulnerability and dangerous filtering techniques

• Previous message (by thread): Cisco vulnerability and dangerous filtering techniques
• Next message (by thread): Cisco vulnerability and dangerous filtering techniques
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-- On Wednesday, July 23, 2003 01:59 -0400
-- Richard A Steenbergen <ras at e-gerbil.net> supposedly wrote:

> On Tue, Jul 22, 2003 at 05:53:45PM -0400, Valdis.Kletnieks at vt.edu wrote:
>> On Tue, 22 Jul 2003 17:51:20 EDT, alex at yuriev.com said:
>>
>> > I guess all folks with Ph.D. at Akamai really are paid for nothing if a
>> > virus could calculate that with a few traceroutes.

Let's hope not. :)


>> It's actually pretty easy if you get 20K distributed zombies doing the
>> traceroutes and then distributing the data to each other.  Given that
>> data, it's pretty easy to compute the graph - every router running BGP
>> has to do similar. :)

I am not sure why you would even need "a few" traceroutes.  Why not just 
load the virus with, say, the top 10 or 100 ASes, then use one of those 
kewlio traceroute programs that give you AS info.  Do *one* or maybe a 
couple traceroutes, hit the last big AS in the list, and work your way back 
home.


> Sounds like said virus implementor should go into the optimized routing
> business. Personally I'm gonna call bullshit on that one until I see it
> done.

No comment. :)


>> The Akamai problem is how to do it *without* having 20K boxes doing
>> traceroutes. ;)
>
> How many boxes does Akamai have? :)

Last press release was a little over 15K boxes in over 1100 networks in 66 
countries.  But I would not call them zombies.

Is that more or less distributed than your typical 'bot-net?

-- 
TTFN,
patrick

• Previous message (by thread): Cisco vulnerability and dangerous filtering techniques
• Next message (by thread): Cisco vulnerability and dangerous filtering techniques
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]