lawful intercept/IOS at BlackHat DC, bypassing and recommendations

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

lawful intercept/IOS at BlackHat DC, bypassing and recommendations

From: Gadi Evron
Date: Thu Feb 04 15:23:01 2010

List-archive: <http://mailman.nanog.org/mailman/nanog>
List-help: <mailto:nanog-request@nanog.org?subject=help>
List-id: North American Network Operators Group <nanog.nanog.org>
List-post: <mailto:nanog@nanog.org>
List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=subscribe>
List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=unsubscribe>

"That peer-review is the basic purpose of my Blackhat talk and the associated paper. I plan to review Cisco’s architecture for lawful intercept and explain the approach a bad guy would take to getting access without authorization. I’ll identify several aspects of the design and implementation of the Lawful Intercept (LI) and Simple Network Management Protocol Version 3 (SNMPv3) protocols that can be exploited to gain access to the interface, and provide recommendations for mitigating those vulnerabilities in design, implementation, and deployment."

More here:
http://blogs.iss.net/archive/blackhatlitalk.html

Gadi.

--
Gadi Evron,
ge@linuxbox.org.

Blog: http://gevron.livejournal.com/

Follow-Ups:
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Jorge Amodio
- Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations Christopher Morrow

Prev by Date: Re: How polluted is 1/8?
Next by Date: Re: Need clued XO abuse contact
Date Index
Thread Index
Author Index
Historical