Email tapping by ISPs, forwarder addresses, and crypto proxies

J.A. Terranson measl at mfn.org
Sun Jul 18 05:50:16 PDT 2004


On Sun, 18 Jul 2004, Eugen Leitl wrote:

> On Sun, Jul 18, 2004 at 06:13:49AM -0500, J.A. Terranson wrote:
>
> > A NIC?  You gotta realize that we're talking about mesh circuits here:
> > OC3-OC48 trunks, OC192 backbones... This is no small job.  A mom/pop or
>
> At times of 10 GBit Ethernet, OC192 data rate doesn't seem all that
> intimidating.
>
> A standard 1U Dell should have enough crunch to just filter out the
> plain text packets of a 1 GBps Ethernet line.

I have seen a passive tap on a gig line used for IDS, true, but that's
pretty close to the state of the art right now.  There's an issue with
getting the interfaces for the 1U Dell, and then you have the secondary
issues of just how much encapsulated crap do you need to strip off, and
how fast.  Remeber, you only get 1 shot, and you *can't* ask for more time
- if your buffer runneth over, you be screwed.

It's not as easy as it feels.

-- 
Yours,

J.A. Terranson
sysadmin at mfn.org
0xBD4A95BF

  "...justice is a duty towards those whom you love and those whom you do
  not.  And people's rights will not be harmed if the opponent speaks out
  about them."      Osama Bin Laden
	- - -

  "There aught to be limits to freedom!"    George Bush
	- - -

Which one scares you more?





More information about the cypherpunks-legacy mailing list