On Thu, Feb 4, 2010 at 3:19 PM, Gadi Evron <[email protected]> wrote: > > "That peer-review is the basic purpose of my Blackhat talk and the associated > paper. I plan to review Cisco’s architecture for lawful intercept and explain > the approach a bad guy would take to getting access without authorization. > I’ll identify several aspects of the design and implementation of the Lawful > Intercept (LI) and Simple Network Management Protocol Version 3 (SNMPv3) > protocols that can be exploited to gain access to the interface, and provide > recommendations for mitigating those vulnerabilities in design, > implementation, and deployment."
this seems like much more work that matt blaze's work that said: "Just send more than 10mbps toward what you want to sneak around... the LEA's pipe is saturated so nothing of use gets to them" <http://www.crypto.com/blog/calea_weaknesses/> Also, cisco publishes the fact that their intercept caps out at 15kpps per line card, so... just keep a steady 15kpps and roll on. -chris
