Re: A code red that could bring down the net?

From: Jose Nazario (jose@biocserver.BIOC.cwru.edu)
Date: 07/26/01 

Date: Thu, 26 Jul 2001 14:11:05 -0400 (EDT)
From: Jose Nazario <jose@biocserver.BIOC.cwru.edu>
To: <vuln-dev@securityfocus.com>
Subject: Re: A code red that could bring down the net?
Message-ID: <Pine.LNX.4.30.0107261356100.30694-100000@biocserver.BIOC.CWRU.Edu>

(D)DoS is so ... february 2000. get over it.

instead, consider havoc and mayhem. think "false news report injection",
think "stock report falsification". human driven chaos is sigificantly
more difficult to stem than computer driven packet floods. think "war of
the worlds". given our increasing reliance on the Inet for information
dissemination, a few well worded 'hey, the stock market is taking a bath!
sell!' emails that prey on the contacts list would defnitely help up the
credibility of such forged emails. enough people hitting their portfolios
to dump their stocks and ... whammo.

if one truly had malicious intents at really playing with the world (ie to
make some money on the stock market, to cause political instability for
opportunistic gain), you'd have to reapply your thoughts to something just
a bit more creative.

still, being destructive is easy and, by definition, not productive.
think, instead, about how you would defend against such an attack and help
harden systems to prevent such problems. that's where we need people to
go, to take the next step and say 'ok, this problem exists, it can be used
to cause these destructive patterns, how do we defend against it?'

____________________________
jose nazario jose@cwru.edu
                           PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)