Full Disclosure mailing list archives
Re: Its time to get serious about Storm Worm / RBN
From: coderman <coderman () gmail com>
Date: Wed, 19 Mar 2008 12:37:23 -0700
On Wed, Mar 19, 2008 at 5:49 AM, mcwidget <mcwidget () gmail com> wrote:
... Aint that the whole problem with Storm tho? The lack of CC boxes? Without that target, how do you effectively shutdown something like this?
the target is the distributed hash table routing metric used for decentralized C&C. kademlia, chord, and DHT's in general are fragile; they trade efficiency for resilience against a coordinated attacker, presuming the redundancy adequate for random (read: not intentional) failure is sufficient. if you want to take down storm, take down the C&C. it will cost you $100/mo for a dedicated server with modest bandwidth. implemented the attack is left as an exercise for the reader... :P _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Its time to get serious about Storm Worm / RBN worried security (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN coderman (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN n3td3v (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN Vladimir Vitkov (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN mcwidget (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN coderman (Mar 19)
- Message not available
- Re: Its time to get serious about Storm Worm / RBN coderman (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN Philip Fagan (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN n3td3v (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN coderman (Mar 19)
- Re: Its time to get serious about Storm Worm / RBN n3td3v (Mar 19)