lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 06 Oct 2008 14:37:44 -0400
From: Valdis.Kletnieks@...edu
To: n3td3v <xploitable@...il.com>
Cc: n3td3v <n3td3v@...glegroups.com>, full-disclosure@...ts.grok.org.uk,
	nanog@...og.org
Subject: Re: Fwd: cnn.com - Homeland Security seeks cyber
	counterattack system (Einstein 3.0)

On Sun, 05 Oct 2008 18:30:11 BST, n3td3v said:

> You guys are living in cloud cuckoo land. The rogue government
> wouldn't have their bot nets in home computers that you could shut
> down easily.

Which is easier to shut down, an attack coming from a relatively small
number of /16s that belong to the government, or one coming from the
same number of source nodes scattered *all* over Comcast and Verizon
and BT and a few other major providers?

Hint 1: Consider the number of entry points into your network for the two
cases, especially if you are heavily peered with one or more of the source
ISPs.  Consider also the "shoot self in foot" outcome if you decide to
block *all* of Comcast, Verizon, BT and the others....

Hint 2: If botnets in home computers were so easy to shut down, why are
there so many miscreants still using them for nefarious purposes?

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ