lawful intercept/IOS at BlackHat DC, bypassing and recommendations
Crist.Clark at globalstar.com
Thu Feb 4 16:26:23 CST 2010
>>> On 2/4/2010 at 12:27 PM, Christopher Morrow
<morrowc.lists at gmail.com> wrote:
> On Thu, Feb 4, 2010 at 3:19 PM, Gadi Evron <ge at linuxbox.org> wrote:
>> "That peer-review is the basic purpose of my Blackhat talk and the
> paper. I plan to review Cisco’s architecture for lawful intercept
> the approach a bad guy would take to getting access without
> I’ll identify several aspects of the design and implementation of
> Intercept (LI) and Simple Network Management Protocol Version 3
> protocols that can be exploited to gain access to the interface, and
> recommendations for mitigating those vulnerabilities in design,
> implementation, and deployment."
> this seems like much more work that matt blaze's work that said:
> send more than 10mbps toward what you want to sneak around... the
> LEA's pipe is saturated so nothing of use gets to them"
The Cross/XForce/IBM talk appears more to be about unauthorized
access to communications via LI rather than evading them,
"...there is a risk that [LI tools] could be hijacked by third
parties and used to perform surveillance without authorization."
Of course, this has already happened,
More information about the NANOG