Email tapping by ISPs, forwarder addresses, and crypto proxies
Major Variola (ret)
mv at cdc.gov
Tue Jul 20 21:00:49 PDT 2004
At 10:12 AM 7/19/04 -0400, Tyler Durden wrote:
>"Gimme an intel IXA network processor and no problem. ATM is fixed
>size data, not as tricky as IP decoding. Predicatable bandwidth.
>Stream all into megadisks, analyze later."
>
>I'm gonna have to challenge this bit here, Variola.
Please. Truth requires skepticism. Be bold.
>Let's back up. You've got an OC-48 or OC-192 fiber and you want to grab
ALL
>of the data in this fiber. Now I'll grant that in real life there's
going to
>be a lot telephony circuit in there, but let's take a worst-case and
assume
>you need ALL the data.
As cryptographers, we must assume this.
>What's in this OC-192? Right now it definitely ain't 10Gb/s of packets.
It's
>going to have LOTS of DS1s, DS3s and, if you're lucky, and STS-3c or
two. So
>you'll need to first of all demux ALL of the tributaries.
And how much *dark fiber* is there? Lots and lots, thanks to irrational
exuberance. Guess what? SiO2 doesn't care which direction the beam
is pumped into.
>Next, you've got to un-map any ATM in each of the DS1s, etc, and then
pull
>out the IP data from the ATM cells, remembering to reassemble
fragmented
>packets (and there will be plenty with ATM). And remember, you may have
to
>do this for 5000 simultaneous DS1s.
Yawn.
You underestimate the Adversary. Never ever do that. Isn't there some
chink who wrote that?
>Oh, and let's not forget pointer
>adjustments.
Oh no, not pointers! What next, MPLS?
>And that's just one fiber. How will you actually get all of this
traffic
>back to HQ? Remember, it keeps coming and won't stop.
Dark fiber.
>No, I think I'm becomming convinced that they can't yet get ALL of it.
Enjoy your childhood while it lasts. Its a beautiful time.
More information about the Testlist
mailing list