* Ian Grant ian.a.n.gr...@googlemail.com [2014-10-20 01:02]:
On Sun, Oct 19, 2014 at 1:40 AM, Giancarlo Razzolini
I believe that
OpenBSD does that. But don't expect them to add
a security through obscurity layer to their kernel because I
guess they won't.
Well, they don't have a choice,
On 19-10-2014 21:01, Ian Grant wrote:
On the contrary: it _will_ make it impossible for people to know what
_we_ are doing. This is not one system I'm talking about: it's
countless independent VPNs. No one person in the world will ever know
what _we_ are doing.
Except perhaps for the nations
Razzolini
Sent: Monday, October 20, 2014 7:34 AM
To: Ian Grant
Cc: Bret Lambert; OpenBSD general usage list
Subject: Re: Shadow TCP stacks
On 19-10-2014 21:01, Ian Grant wrote:
On the contrary: it _will_ make it impossible for people to know what
_we_ are doing. This is not one system I'm talking
On 20 October 2014 14:13, Worik Stanton worik.stan...@gmail.com wrote:
Yes all traffic of a country can be analysed, fairly close to real time.
With some basic statistics, smart sampling and a dedicated team
crafting clever algorithms... That is what those big budgets are for!
Can throw in
On Mon, Oct 20, 2014 at 6:18 PM, john slee indig...@oldcorollas.org wrote:
On 20 October 2014 14:13, Worik Stanton worik.stan...@gmail.com wrote:
Yes all traffic of a country can be analysed, fairly close to real time.
With some basic statistics, smart sampling and a dedicated team
crafting
On 20-10-2014 20:46, Ian Grant wrote:
There's analysis, and there's analysis. None of this is particularly
interesting without knowledge of what depth of analysis was being
done.
Yes it is. Because filters can be made to alert you of odd traffic. And
certainly a tcp syn to an http port which
On Mon, Oct 20, 2014 at 8:33 AM, Giancarlo Razzolini
grazzol...@gmail.com wrote:
On 19-10-2014 21:01, Ian Grant wrote:
On the contrary: it _will_ make it impossible for people to know what
_we_ are doing. This is not one system I'm talking about: it's
countless independent VPNs. No one person
On 20-10-2014 21:52, Ian Grant wrote:
How else can one protect a system from DoS attacks, other than by
concealing it some way? And what is cryptography if it's not
concealing the meaning of a communication in some way?
Oh my. DoS can be mitigated. You could never protect a system. Even if
On Mon, Oct 20, 2014 at 8:01 PM, Giancarlo Razzolini
grazzol...@gmail.com wrote:
On 20-10-2014 21:52, Ian Grant wrote:
How else can one protect a system from DoS attacks, other than by
concealing it some way? And what is cryptography if it's not
concealing the meaning of a communication in
You are off-topic for this mailing list. Please go discuss it
elsewhere.
On Sun, Oct 19, 2014 at 1:40 AM, Giancarlo Razzolini
grazzol...@gmail.com wrote:
This tcp shadow stack would do no good in preventing
people from learning what you're doing. It's security
through obscurity, even though the authors of the paper try to say
that it ain't.
On the contrary: it
On 20/10/14 12:01, Ian Grant wrote:
Believe me, this would only scream on their filters. Hell,
even someone capturing this with tcpdump and analyzing it later
would see something it's not right.
You think someone can analyse all the HTTP traffic in a country? So
what if they could? By the
On 17-10-2014 15:59, Ian Grant wrote:
On Fri, Oct 17, 2014 at 2:49 PM, Bret Lambert bret.lamb...@gmail.com
wrote:
Well, if, as Herr Schroeder seems to be implying, this is used to
avoid port scans, I'd look for traffic to/from address:port which
don't show up on scans.
That's why I want to
On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schröder wrote:
2014-10-16 13:16 GMT+02:00 Kevin Chadwick ma1l1i...@yahoo.co.uk:
I still don't see the benefit though but do see added complexity or
more code to audit.
Reducing DDOS against a visible SSH service maybe? Reduce password
2014-10-17 10:24 GMT+02:00 Bret Lambert bret.lamb...@gmail.com:
On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schröder wrote:
The impossibility to scan for services - which the NSA/GHCQ/... do.
It's a good thing that traffic analysis isn't a thing, then. Otherwise
they'd be able to check
On Fri, Oct 17, 2014 at 12:56:48PM +0200, Martin Schröder wrote:
2014-10-17 10:24 GMT+02:00 Bret Lambert bret.lamb...@gmail.com:
On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schröder wrote:
The impossibility to scan for services - which the NSA/GHCQ/... do.
It's a good thing that
On Fri, Oct 17, 2014 at 4:24 AM, Bret Lambert bret.lamb...@gmail.com wrote:
On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schröder wrote:
2014-10-16 13:16 GMT+02:00 Kevin Chadwick ma1l1i...@yahoo.co.uk:
The impossibility to scan for services - which the NSA/GHCQ/... do.
It's a good thing
On Fri, Oct 17, 2014 at 9:13 AM, Ian Grant ian.a.n.gr...@googlemail.com wrote:
On Fri, Oct 17, 2014 at 4:24 AM, Bret Lambert bret.lamb...@gmail.com wrote:
On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schröder wrote:
2014-10-16 13:16 GMT+02:00 Kevin Chadwick ma1l1i...@yahoo.co.uk:
The
On Fri, Oct 17, 2014 at 12:13:55PM -0400, Ian Grant wrote:
On Fri, Oct 17, 2014 at 4:24 AM, Bret Lambert bret.lamb...@gmail.com wrote:
On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schröder wrote:
2014-10-16 13:16 GMT+02:00 Kevin Chadwick ma1l1i...@yahoo.co.uk:
The impossibility to scan
2014-10-17 20:49 GMT+02:00 Bret Lambert bret.lamb...@gmail.com:
Well, if, as Herr Schroeder seems to be implying, this is used to
avoid port scans, I'd look for traffic to/from address:port which
don't show up on scans.
That's certainly possible but more expensive than find all ssh servers.
On Fri, Oct 17, 2014 at 2:49 PM, Bret Lambert bret.lamb...@gmail.com wrote:
Well, if, as Herr Schroeder seems to be implying, this is used to
avoid port scans, I'd look for traffic to/from address:port which
don't show up on scans.
That's why I want to hide it behind an ordinary service.
On Fri, Oct 17, 2014 at 02:59:26PM -0400, Ian Grant wrote:
On Fri, Oct 17, 2014 at 2:49 PM, Bret Lambert bret.lamb...@gmail.com wrote:
Well, if, as Herr Schroeder seems to be implying, this is used to
avoid port scans, I'd look for traffic to/from address:port which
don't show up on scans.
On Wed, 15 Oct 2014 20:22:56 -0400
Ian Grant wrote:
Moved to misc.
Yes, you missed something: the point :-)
The idea is that the existence of this entire 'ultranet' is
undetectable by even someone snooping all national traffic. So a TCP
port 80 connection looks to the snooper _exactly_
2014-10-16 13:16 GMT+02:00 Kevin Chadwick ma1l1i...@yahoo.co.uk:
I still don't see the benefit though but do see added complexity or
more code to audit.
Reducing DDOS against a visible SSH service maybe? Reduce password
attempts on your logs allowing them to go after targets that might
On Wed, Oct 15, 2014 at 4:47 PM, Kevin Chadwick ma1l1i...@yahoo.co.uk wrote:
On Sat, 11 Oct 2014 13:38:49 -0400
Ian Grant wrote:
No, the pre-shared keys are communicated over the VPN, as are the
keys which encrypt the VPN's own data as it appears in the actual TCP
packets which carry the
2014-10-16 2:22 GMT+02:00 Ian Grant ian.a.n.gr...@googlemail.com:
Perhaps I have missed something but if you have a ssh tunnel or
something then just put that in front of the service without increasing
Moved to misc.
Yes, you missed something: the point :-)
The idea is that the existence
moved to misc@; it's still not on-topic, but this message may be
somewhat interesting
On Fri, Oct 10, 2014 at 07:31:50PM -0400, Ian Grant wrote:
I want to try to implement some form of concealed port knocking in
OpenBSD, along the lines of Martin Kirsch:
27 matches