Katrina Network Damage Report

Mon Sep 12 01:49:47 UTC 2005

On Mon, 12 Sep 2005, Suresh Ramasubramanian wrote:

> On 12/09/05, Joel Jaeggli <joelja at darkwing.uoregon.edu> wrote:
>>
>> It doesn't scare us... ever try nmaping a /48?
>>
>
> one host at a time? from a single point? nope - once v6 becomes common
> enough someone will just write a nice little distributed botnet to
> propagate around it.

Drop me a line when your botnet finishes scanning 3FFE:0000::/16 and moves 
on to 2001:xxxx::

Probing for hosts isn't realistic. That doesn't rule out other resource 
discovery methods obviously, in fact it insures that they'll have to be 
used...

> who wants nmap when all you need is to throw enough common exploits
> blindly at a series of hosts?
>
> the era of carefully crafted exploits against a single large host is
> almost dead, except for really high value hosts.
>
> botnets are kind of an industrial revolution in this area

For v4 space, spray and pray works well enough...

>> digital set-top boxes and tv's that need bi-directional communication to
>> unwrap drm, That's order of a billion or so devices in the US over the
>> next 10 years.
>
> a TV botnet will probably leave your channel locked onto a 24x7 feed
> of Barney the big purple dinosaur and ... AAAH THE TENTACLES
>
> But seriously, computing power that people would use for moon landings

Uh... lunar module computer (1969), 5000 transistor cpu, 74k rom 4k ram.

> a few years back is available on ubiquitous home devices that were
> never intended to be connected to the internet.

Even low end parallax basic stamps have more horsepower than that.

> Security is something that really must be taken into account now,
> before it starts to become a problem

It's already to late, to stop it before it's a problem.

> --srs
>

-- 
--------------------------------------------------------------------------
Joel Jaeggli  	       Unix Consulting 	       joelja at darkwing.uoregon.edu
GPG Key Fingerprint:     5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2