4 Feb
2010
4 Feb
'10
3:19 p.m.
"That peer-review is the basic purpose of my Blackhat talk and the associated paper. I plan to review Cisco’s architecture for lawful intercept and explain the approach a bad guy would take to getting access without authorization. I’ll identify several aspects of the design and implementation of the Lawful Intercept (LI) and Simple Network Management Protocol Version 3 (SNMPv3) protocols that can be exploited to gain access to the interface, and provide recommendations for mitigating those vulnerabilities in design, implementation, and deployment." More here: http://blogs.iss.net/archive/blackhatlitalk.html Gadi. -- Gadi Evron, ge@linuxbox.org. Blog: http://gevron.livejournal.com/