| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <48127.1223318264@turing-police.cc.vt.edu>
Date: Mon, 06 Oct 2008 14:37:44 -0400
From: Valdis.Kletnieks@...edu
To: n3td3v <xploitable@...il.com>
Cc: n3td3v <n3td3v@...glegroups.com>, full-disclosure@...ts.grok.org.uk,
nanog@...og.org
Subject: Re: Fwd: cnn.com - Homeland Security seeks cyber
counterattack system (Einstein 3.0)
On Sun, 05 Oct 2008 18:30:11 BST, n3td3v said:
> You guys are living in cloud cuckoo land. The rogue government
> wouldn't have their bot nets in home computers that you could shut
> down easily.
Which is easier to shut down, an attack coming from a relatively small
number of /16s that belong to the government, or one coming from the
same number of source nodes scattered *all* over Comcast and Verizon
and BT and a few other major providers?
Hint 1: Consider the number of entry points into your network for the two
cases, especially if you are heavily peered with one or more of the source
ISPs. Consider also the "shoot self in foot" outcome if you decide to
block *all* of Comcast, Verizon, BT and the others....
Hint 2: If botnets in home computers were so easy to shut down, why are
there so many miscreants still using them for nefarious purposes?
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists