Interesting People mailing list archives
more on Weird web data foxes experts
From: Dave Farber <dave () farber net>
Date: Fri, 27 Jun 2003 08:17:45 -0400
------ Forwarded Message From: Thomas Leavitt <thomas () thomasleavitt org> Date: Fri, 27 Jun 2003 01:19:53 -0700 To: dave () farber net Cc: mctaylor () privacy nb ca Subject: re: more on Weird web data foxes experts Dave, If what mct suggests is true, this suggests more focused attacks, in which, instead of randomly scanning the entire IP address space, co-ordinated deployments focus on cross-scanning/spoofing specified sub-sets of the IP address space could be quite effective. I could even imagine a mechanism wherein each system actually aggregates results from multiple scans, and then sends them along... and in which systems can actually update each other and distribute larger datasets by passing along the results of scans received from other systems, etc. In fact, there is no end to the possibilities enabled by this type of "hiding in the open" technique... if you assume, from the very beginning, that source and destination addresses are completely random (or random within specific sub-sets of the IP address range), then these trojans could do anything a normal IP session would do - it is just like spam, who cares if only 1 out of 1,000,000 messages sent actually results in a connection... as long as enough of them do, it doesn't matter. You could do distributed software updates, you could actually have infected systems create self-propagating databases (suitably encrypted and authenticated) of which systems are infected, and actually initiate non-random connections among all the noise (it would be very hard to identify them), etc. all completely uncontrolled (directly) from any central source. I actually suggested this as a possibility, using Usenet as the distribution vehicle for information, five or six years ago in an exchange with Bruce Sterling. Regards, Thomas Leavitt From: Dave Farber <dave () farber net> Subject: more on Weird web data foxes experts Date: Wed, 25 Jun 2003 15:18:06 -0400 ------ End of Forwarded Message ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Weird web data foxes experts Dave Farber (Jun 27)