|
|
|
|
|
|
by viraptor
2902 days ago
|
|
|
> If they achieve access to a target, it's likely they control a path to it. Without specific, documented cases this is speculation of course. But I don't see why they'd use a link level protocol. 1. It requires patching multiple networking devices in the path, which is not very quiet. 2. It sticks out in any monitoring (via mirror ports) more than a UDP packet to a random host. DNS or ntp as a transport would be much simpler to hide. |
|
|
>"some of the most productive operations in TAO because they pre-position access points into hard target networks around the world."
https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa...