Message-ID: <Pine.LNX.4.40.0309201931040.1740-100000@phil.home.phil>
From: biondi at cartel-securite.fr (Philippe Biondi)
Subject: idea
This is *rigorously equivalent* to having all your data
go through the SSL connection.
That's like sending goods in a safe, and sending the
key of the safe in another safe (the recipient knows how
to open the second safe (DH)).
Just send your goods in the second safe...
On Sat, 20 Sep 2003, D B wrote:
> excuse the top post ...yahoo isn't very friendly
>
> ok I'll try to answer this.....
>
> i am by no means a guru of ip protocols but have
> argued this with a few people and decided it will work
>
> chunk of data ..... encrypted ..... sliced into random
> chunks ....sent to random ports in a random order
> ...add some noise generated to simulate data transfer
> that is actually transferred but dropped to /dev/null
> ( that was added after a discussion )
>
> with the initial connection being ssl the two clients
> agree on ports and the order of real data to be sent
> that is then followed with a possibility of someone
> sniffing ...IF they break the ssl they then have to
> reassemble the data in the proper sequence dismissing
> all the random noise
>
> what the port hopping tries to achieve is making it
> even more difficult to sniff because one can't just
> sniff a certain port.... with a random range u have to
> suck in garbage data and this increases the time it
> takes to reassemble if it is even possible
>
> that is the base idea ...but i feel that by rolling
> the ports we would achieve something similar to the
> freq hopping and yes it does create complexity ...but
> then isn't all security just a level of complexity
> added to something simple ?
>
>
>
> if it doesn't work at least i learn to code C++ by
> trying to make it
>
> D B
>
> "my tore up"
>
>
>
> -----------------------------------
>
> Message: 3
> Date: Sat, 20 Sep 2003 16:31:05 +0200 (CEST)
> From: Philippe Biondi <biondi@...tel-securite.fr>
> To: Steven Fruchter <steven_fruchter@...mail.com>
> Cc: "'John Sage'" <jsage@...chhaven.com>,
> <full-disclosure@...ts.netsys.com>
> Subject: RE: [Full-Disclosure] idea
>
>
> What is the added security value of this ??
> Sounds more like "security through complexity" to me.
> An IP flow does not have the properties that make FHSS have an added
> value to communications over radio frequencies.
>
>
> On Fri, 19 Sep 2003, Steven Fruchter wrote:
>
> > That sounds good and is very very similar to FHSS (Frequency Hopping
> > Spread Spectrum) for wireless communication technologies.
> >
> > -Steven Fruchter
> >
> > > -----Original Message-----
> > > From: full-disclosure-admin@...ts.netsys.com
> > > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of John Sage
> > > Sent: Friday, September 19, 2003 10:27 PM
> > > To: full-disclosure@...ts.netsys.com
> > > Subject: Re: [Full-Disclosure] idea
> > >
> > >
> > > Too late!
> > >
> > > On Fri, Sep 19, 2003 at 02:39:07PM -0700, D B wrote:
> > > > correct ....
> > > >
> > > > with an encryption layer that obscures the data so the
> > > > next "freq" isn't tattletailed thus making it hard to
> > > > know which packets are part of the actual data and
> > > > which are controlling before it hops
> > > >
> > > > and just for the record .... if this idea is original
> > > > it will be opensource licensed
> > > >
> > > > i will now move this topic off this list
> > > >
> > > > thank u all
> > > >
> > > > D B
> > > >
> > > > "my tore up"
> > >
> > > Thanks indeed for posting your interesting ideas, but I've
> > > just now beaten you to it, and if you *do* write such a
> > > program, my army of underworked, avaricious lawyers will sue
> > > the cr*p out of you, and you'll be working for me for the
> > > rest of your life.
> > >
> > > Not a happy prospect, I can assure you.
> > >
> > > But all the same, thanks again...
> > >
> > >
> > > - John
> > > --
> > > "Warning: time of day goes back, taking countermeasures."
> > > John Sage
> > > InfoSec Groupie
> > > -
> > > ABCD, EFGH, IJKL, EmEnOh, Pplus+, Mminus-
> > > -
> > > ATTENTION: this message is privileged communication. If you
> > > read it even though you aren't supposed to, you're a poopy-head.
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
>
>
--
Philippe Biondi <biondi@ cartel-securite.fr> Cartel Sécurité
Security Consultant/R&D http://www.cartel-securite.fr
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
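
The equivalence argued in this message, sketched as an added example (not code from the thread or from either poster). The function names, port range, chunk sizes and 3:1 noise ratio are assumptions, and the "ciphertext" is a constructed stand-in for the already encrypted data. The only thing separating a full capture from the data is the schedule, and the schedule is exactly what travels over the SSL session.

```python
import random

def slice_random(data, rng, max_len=8):
    """Cut the (already encrypted) data into random-sized chunks."""
    chunks, pos = [], 0
    while pos < len(data):
        step = rng.randint(1, max_len)
        chunks.append(data[pos:pos + step])
        pos += step
    return chunks

def make_schedule(n_chunks, n_noise, rng):
    """The secret agreed over SSL: one (port, chunk_index) entry per packet
    in wire order; chunk_index is None for a noise packet."""
    slots = list(range(n_chunks)) + [None] * n_noise
    rng.shuffle(slots)  # real chunks out of order, noise interleaved
    return [(rng.randrange(1024, 65536), idx) for idx in slots]

def send(chunks, schedule, rng):
    """What a capture of every port on the path contains: (port, payload)."""
    wire = []
    for port, idx in schedule:
        if idx is None:  # noise the receiver would drop to /dev/null
            payload = bytes(rng.randrange(256) for _ in range(rng.randint(1, 8)))
        else:
            payload = chunks[idx]
        wire.append((port, payload))
    return wire

def reassemble(capture, schedule):
    """One linear pass for anyone holding the schedule: drop noise, reorder, join."""
    real = {}
    for (port, payload), (sched_port, idx) in zip(capture, schedule):
        if idx is not None and port == sched_port:
            real[idx] = payload
    return b"".join(real[i] for i in sorted(real))

def demo(seed=2003):
    rng = random.Random(seed)
    ciphertext = bytes(rng.randrange(256) for _ in range(200))  # constructed sample
    chunks = slice_random(ciphertext, rng)
    schedule = make_schedule(len(chunks), 3 * len(chunks), rng)
    return ciphertext, schedule, send(chunks, schedule, rng)
```

Whoever holds the schedule recovers the stream in a single pass over the capture, so the hopping layer is no stronger than the channel that carried the schedule.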