Big Bad Beowulfs Again

Nathan L. Cutler livingston at iol.cz
Sat May 13 14:54:14 PDT 2000


On Sat, May 13, 2000 at 05:40:34AM -0500, jok707s at mail.smsu.edu wrote:
> Let us assume that a hostile group is trying to disable as much of the
> web as possible, all at once, in a coordinated attack.  (Maybe they read
> the Unabomber Manifesto and they were really impressed by it; maybe they
> have some other ideological ax to grind.)  They design their beowulf,
> from the ground up, with this intent in mind.  They have on each node
> (and the server) the biggest hard drive that they can attach, and they
> use this space for storing all the relevant weaknesses that they gather
> from various sources: their own scanning, hacker sites, CERT reports,
> Cybernotes issues, &c.  They are extremely patient and careful, gathering
> and analysing the material for several years without being detected.
> When they finally feel that they are ready, they launch a global attack
> which is not only varied in its methods (combining DOS, email bombing,
> directory manipulations within cracked firewalls, web site sabotage, &c,
> &c), but which is also designed to be synergistic: the problems generated
> in one area should cause &/or aggravate problems in other areas.

You neglect to take into account the BUGTRAQ factor (if you don't know what
BUGTRAQ is, try typing "BUGTRAQ" into your favorite web search engine).

In other words: "accumulating" knowledge of weaknesses would be of little
use to the troublemakers because the weaknesses are widely publicized as
they are discovered and fixes appear within days in most cases (sometimes
hours).

By the time the troublemakers unleashed their dastardly attack, most if not
all of it would be obsolete.

-- 
Nathan L. Cutler < livingston @ iol.cz >         telephone: +420-2-51611648
Livingston Professional Translations		 fax:       +420-2-6514377
** When "pretty good" is not enough **           mobile:    +420-602-259964




More information about the Beowulf mailing list