Re: Flash Worms

From: Dragos Ruiu (dr@kyx.net)
Date: 08/18/01


From: Dragos Ruiu <dr@kyx.net>
To: jaywhy <jaywhy2@home.com>, Michal Zalewski <lcamtuf@gis.net>, Stuart Staniford <stuart@silicondefense.com>
Subject: Re: Flash Worms
Date: Sat, 18 Aug 2001 11:08:14 -0700
Message-Id: <0108181139290F.36098@smp.kyx.net>

On Sat, 18 Aug 2001, jaywhy wrote:
> It really wouldn't matter even if you only got to 20%, 10% or even 5% of the
> vulnerable hosts. Those computer running a DDOS attack against anything
> would completely destroy it.

Uhm, no, imho.

Even if you have 10% of the internet it still makes a big difference
which 10% you have (and which internet ;-), and where your target
is, and how their network is, ahem, misdesigned (if a 14y old is
gonna blow it up :-) , and what your route(s) to the target are.

The DDoSability of a network is a big function of it's design.
From my tests, and barring me playing around with custom
worm test races (Exhibition event at the next Olympics? :-),
in ddos there seem to be a few big factors: the cleverness
of the transmitter design, the oompf of the tx vs. rx, (os cpu
nic everything), and the sizes and bottlenecks of the pipes
in between. As the people who run heavily dossed servers
have alredy evolved, by careful network design and multiple
peering and redundant facilities you can make your network
very D/DoSsurvivable.

cheers,
--dr

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



Relevant Pages

  • Re: Flash Worms
    ... Subject: Flash Worms ... Those computer running a DDOS attack against anything ... The DDoSability of a network is a big function of it's design. ...
    (Focus-IDS)
  • Review my resume. Please.
    ... communication, interpersonal, and problem solving skills. ... MOST and CAN (Controller ... network devices for automotive industry based on MOST (Media Oriented ... the Open Systems Interconnect reference model; design focused ...
    (comp.arch.embedded)
  • Re: FAA: Boeings New 787 May Be Vulnerable to Hacker Attack
    ... determination if that design is compliant with the rules (14 CFR Part ... Special Conditions: Boeing Model 787-8 Airplane; ... network architecture is used for a diverse set of functions, ...
    (rec.aviation.piloting)
  • Re: Is AI all about time?
    ... The "high level thinking" network is NOT A DIFFERENT TYPE OF NETWORK from ... "I think it will be possible to build strong generic learning ... ALL REINFORCEMENT LEARNING PROCESSES INCLUDE BEHAVIOR ... us the ability to design. ...
    (comp.ai.philosophy)
  • Re: FAA: Boeings New 787 May Be Vulnerable to Hacker Attack
    ... that design is compliant with the rules. ... Special Conditions: Boeing Model 787-8 Airplane; ... network architecture is used for a diverse set of functions, ...
    (rec.aviation.piloting)