Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on Weird web data foxes experts

From: Dave Farber <dave () farber net>
Date: Fri, 27 Jun 2003 08:17:45 -0400

------ Forwarded Message
From: Thomas Leavitt <thomas () thomasleavitt org>
Date: Fri, 27 Jun 2003 01:19:53 -0700
To: dave () farber net
Cc: mctaylor () privacy nb ca
Subject: re: more on Weird web data foxes experts

Dave,

 If what mct suggests is true, this suggests more focused attacks, in which,
instead of randomly scanning the entire IP address space, co-ordinated
deployments focus on cross-scanning/spoofing specified sub-sets of the IP
address space could be quite effective.

 I could even imagine a mechanism wherein each system actually aggregates
results from multiple scans, and then sends them along... and in which
systems can actually update each other and distribute larger datasets by
passing along the results of scans received from other systems, etc.

 In fact, there is no end to the possibilities enabled by this type of
"hiding in the open" technique... if you assume, from the very beginning,
that source and destination addresses are completely random (or random
within specific sub-sets of the IP address range), then these trojans could
do anything a normal IP session would do - it is just like spam, who cares
if only 1 out of 1,000,000 messages sent actually results in a connection...
as long as enough of them do, it doesn't matter. You could do distributed
software updates, you could actually have infected systems create
self-propagating databases (suitably encrypted and authenticated) of which
systems are infected, and actually initiate non-random connections among all
the noise (it would be very hard to identify them), etc. all completely
uncontrolled (directly) from any central source.

 I actually suggested this as a possibility, using Usenet as the
distribution vehicle for information, five or six years ago in an exchange
with Bruce Sterling.

Regards,
Thomas Leavitt


From: Dave Farber <dave () farber net>
Subject: more on  Weird web data foxes experts
Date: Wed, 25 Jun 2003 15:18:06 -0400

------ End of Forwarded Message

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: