r00t advisory: layer 1 (Dec 4 1997) 

-- Synopsis:    r00t has been informed of a recent spate of session
                hijacking attempts at layer 1 of the OSI reference model.
                These incidents have been centered around Internet
                exchange points located in cities with high crime rates.
                Port shortage at these exchange points is believed to be
                an aggravating factor.

-- Exploit:     A Layer 1 session hijacking attack was recorded by
                audio/video surveillance equipment at a major exchange
                point.  Below is a transcript of the monologue delivered
                by the assailant:

   "Yo!  <providername> Mo'fucker!  Yeah you! Take dat fuckin' FDDI out
   reeaaal slow now....  Dat's it....  Now, plug dat muthafucka into my
   router here. What da fuck you lookin' at, biiitch?!?  <SUBJECT
   BRANDISHES PISTOL> Does dis look like a fake gun to you, homey?  Jus'
   fo dat, I'll take dat extra hissey card, too!  Wat da fuck you mean
   you ain't gonna peer with me? Don't make me buss a cap in yo ass...."

-- Fixes?:      Layer 1 session hijacking is heavily dependent on the
                element of surprise; it is advisable to have a second
                individual acting as a lookout while performing
                maintenance at NAPs, MAEs, and other coloration
                facilities, particularly those located in "bad"
                neighborhoods.  r00t also recommends the many fine
                products of Guardian Technologies International
                (+1-703-709-7788) and Second Chance Body Armor
                (+1-616-544-5721) as stylish and functional apparel
                for the survival-conscious technician.  Remember, it's a
                *felony* to commit a crime while wearing soft body armor.

                As a more proactive workaround, r00t recommends the
                SIG-Sauer model P229 in caliber .40 S&W (the official
                handgun of r00t), available from better firearms dealers

Log in or register to write something here or to contact authors.