lawful intercept/IOS at BlackHat DC, bypassing and recommendations
andrew.wallace at rocketmail.com
Thu Feb 4 23:58:44 UTC 2010
On Thu, Feb 4, 2010 at 11:25 PM, <a.harrowell at gmail.com> wrote:
> -original message-
> Subject: Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations
> From: "andrew.wallace" <andrew.wallace at rocketmail.com>
> Date: 04/02/2010 11:09 pm
> On Thu, Feb 4, 2010 at 8:19 PM, Gadi Evron <ge at linuxbox.org> wrote:
>> "That peer-review is the basic purpose of my Blackhat talk and the
>> associated paper. I plan to review Cisco’s architecture for lawful intercept
>> and explain the approach a bad guy would take to getting access without
>> authorization. I’ll identify several aspects of the design and
>> implementation of the Lawful Intercept (LI) and Simple Network Management
>> Protocol Version 3 (SNMPv3) protocols that can be exploited to gain access
>> to the interface, and provide recommendations for mitigating those
>> vulnerabilities in design, implementation, and deployment."
>> More here:
> For the sake of clarity and transparency,
> Gadi Evron has absolutely no connection to this research whatsoever.
> He is famous in the security community for piggybacking off other peoples research.
> We are frustrated with him as much as we are annoyed.
> Security consultant
> CITATION NEEDED
You can goto Full-disclosure mailing list
http://www.grok.org.uk/full-disclosure/ and ask about "Gadi Evron".
There will be plenty folks there who will tell you he is involved in
More information about the NANOG