| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: eckman at umn.edu (Brian Eckman) Subject: Centralized server information gathering alternatives / The Bizex worm Kristian Hermansen wrote: > Most worms today that infect machines try to report back to centralized > servers specified by the creator (to upload/download data). The only > problem with this approach is that centralized servers can be shut down to > prevent the spread of the worm and cease information gathering. Now, what > would happen if worms were "smarter" and instead utilized the BitTorrent > networks? With a small server client built into the worm payload and > 50,000-100,000 infected machines, the author(s) (and even the worm itself) > now has access to the data being harvested without the crutch of a single > (or a few) predetermined access points. Do you guys think this approach > will be utilized in the more advanced worms of tomorrow? Some worms have been propogating using P2P-like methods for a while now. Check out Sinit if you're not familiar with it. http://www.lurhq.com/sinit.html This model will surely be recreated and improved, sooner rather than later. Brian -- Brian Eckman Security Analyst OIT Security and Assurance University of Minnesota "There are 10 types of people in this world. Those who understand binary and those who don't."
Powered by blists - more mailing lists