On Thu, Jun 13, 2013 at 1:20 PM, Scott Helms <khelms@zcorum.com> wrote:
if one of my routers starts sending cat photos somewhere, no matter how cute, I'm gonna consider that suspicious.
Hi Scott, If once every 24 hours or so your router borrows the source IP of a packet it recently passed and uses it to send a burst of 20 intentionally unacknowledged packets containing a cat photo, your odds of noticing are very close to zero and your odds of tracing it to the router are even worse. Implementing a magic-packet remote kill switch is even easier... and completely undetectable until used. With a little effort you could implement it in the forwarding hardware where even a thorough analysis of the firmware image can't detect it. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004