Re: Grid computing through malware



Hello Alex,

Not only is this scenario plausible, it has actually happened in the past. There have been numerous cases where controllers of botnets have installed distributed computing clients such as SETI@Home and 'distributed.net' on machines that they had control of.

I think that the key point from the perspective of propagation is that the distributed computing client will rarely be the only payload dropped onto a compromised system as it only enables limited utilization of the host. What is more commonly the case is that a more comprehensive control client such as a bot or remote administration client is dropped first to give the controller full control of the hosts, after which further clients will be dropped depending on the desires of the said controller.

The scenario you describe could be very interesting given that the lack of a more common controller client would make the intrusion significantly harder to detect (I doubt that any malware scanning technology would consider a grid computing client to be malicious... yet). Also, if the client is tweaked for this scenario, it could be such that resources are only utilized when the machine is idle- further decreasing the likelihood of detection. Ultimately, it'll be a firewall or IDS that brings the system down as the grid client will likely generate lots of network traffic.

Good luck with your project.
flurdoing



Alex Nedelcu wrote:
Hello,

I would like to build my license project on the grid computing
subject. I want to add a twist to it though, for this i was hoping for
some input on this scenario:

Say that a new vulnerability is discovered and a malicious attacker
uses that vulnerability to install an inconspicuous grid client that
uses the system's resources to compute whatever you throw at it. Would
the combined power of thousands or even millions of systems be enough
to break a secured online transaction?

Thanks.

---------------------------------------------------------------------------

This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------





---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



Relevant Pages

  • openssh 3.5p1: PATCH
    ... - sftp transaction logging ... control over whether the client can execute chmod, ...
    (comp.security.ssh)
  • Asp.net Important Topics.
    ... ASP.NET server controls contained within the page. ... A custom server control is ... can also perform validation using client script. ... Where does the Web page belong in the .NET Framework class hierarchy? ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: XPe PXE RDP minimum config?
    ... Certificate Request Client & Certificate Autoenrollment ... Common Control Libraries Version 5 ... Shell Core Registry Data ... It is Minlogon image with fully capable RDP client running. ...
    (microsoft.public.windowsxp.embedded)
  • Re: patterns for getting system status...
    ... the Strategic Decision Maker (client), ... but the responsibility of control ... subsystem subject matters or interfaces... ... Facades are interfaces, ...
    (comp.software.patterns)
  • Re: .Net to Native
    ... with Windows Forms. ... client side control on a web page -- a grid with a bunch of extra ... Okay, but one should also not assume that there will not be a problem. ... The client upgraded to .NET 2.0 for a separate application. ...
    (microsoft.public.dotnet.framework)