Re: [Dailydave] SSL MITM fun.

From: Richard Bejtlich (taosecuritygmail.com)
Date: Fri Feb 20 2009 - 18:46:56 CST


On Thu, Feb 19, 2009 at 6:36 PM, Fyodor <fyodorinsecure.org> wrote:

> The slides give numbers for how many people he apparently fooled with
> the MITM attacks (e.g. 16 credit card numbers and 7 PayPal logins and
> 300 other https logins in 24 hours), but it isn't clear from the
> slides alone where he performed the attacks. Maybe a coffee shop?
> I'm hoping it was on the Black Hat DC network before his presentation
> :).
>

I may have missed it in this thread, but Moxie said he ran a Tor exit
node and ran his attack against those using the node. He said during
the talk that he scripted a process to count the users, so he didn't
directly inspect data he captured.

One aside -- several people in Moxie's talk discussed the need to MITM
traffic by ARP spoofing, etc., on local LANs. Moxie's tricks are much
more interesting if you combine them with the BGP hijacking
demonstrated at Def Con last year and expanded upon at BH DC this
year:

http://www.renesys.com/blog/2009/02/stealing-the-internet-back-1.shtml#more

With BGP hijacking you can apply Moxie's tricks without having a
foothold on the target's network.

Sincerely,

Richard
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave