| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4ef5fec60803191237i3274de8kfc1abb2bb887cc1e@mail.gmail.com> Date: Wed, 19 Mar 2008 12:37:23 -0700 From: coderman <coderman@...il.com> To: mcwidget <mcwidget@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Its time to get serious about Storm Worm / RBN On Wed, Mar 19, 2008 at 5:49 AM, mcwidget <mcwidget@...il.com> wrote: > ... > Aint that the whole problem with Storm tho? The lack of CC boxes? Without > that target, how do you effectively shutdown something like this? the target is the distributed hash table routing metric used for decentralized C&C. kademlia, chord, and DHT's in general are fragile; they trade efficiency for resilience against a coordinated attacker, presuming the redundancy adequate for random (read: not intentional) failure is sufficient. if you want to take down storm, take down the C&C. it will cost you $100/mo for a dedicated server with modest bandwidth. implemented the attack is left as an exercise for the reader... :P _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists