On Nov 13, 2014, at 11:35 AM, Michael Thomas <m...@mtcc.com> wrote: > Why guess when you can break into $MEGACORP and steal their server logs? If > there's > anything that the Snowden/NSA bizness should teach us is that brute force is > not the > only other option.
Different threat models demand different solutions. I doubt that the NSA is going to try to brute-force everybody's DNS tree, for the simple reason that if they did so, it would be obvious and would look like a DoS attack. They certainly are not going to exhaustively probe everyone's address space. But yes, they will be able to notice any device that ever communicates to the internet and transits a network location they are monitoring. This isn't the risk model I'm talking about in the case of address probing. _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet