Big Bad Beowulfs Again

John Marquart jomarqua at indiana.edu
Sat May 13 15:27:21 PDT 2000 

On Sat, 13 May 2000, Gerry Creager N5JXS wrote:

> "jok707s at mail.smsu.edu" wrote:
> > Let us assume that a hostile group is trying to disable as much of the web as
> > possible, all at once, in a coordinated attack.  (Maybe they read the
> > Unabomber Manifesto and they were really impressed by it; maybe they have some
> > other ideological ax to grind.)  They design their beowulf, from the ground
> > up, with this intent in mind.  They have on each node (and the server) the
> > biggest hard drive that they can attach, and they use this space for storing
> > all the relevant weaknesses that they gather from various sources: their own
> > scanning, hacker sites, CERT reports, Cybernotes issues, &c.  They are
> > extremely patient and careful, gathering and analysing the material for
> > several years without being detected.  When they finally feel that they are
> > ready, they launch a global attack which is not only varied in its methods
> > (combining DOS, email bombing, directory manipulations within cracked
> > firewalls, web site sabotage, &c, &c), but which is also designed to be
> > synergistic: the problems generated in one area should cause &/or aggravate
> > problems in other areas.
> > 
> > Now my question is: would the computing power of a beowulf be helpful in the
> > preparation &/or the execution of such an attack?  Would the analysis of the
>
> I don't think so.  The principle power of a 'Wulf remains in the
> coordinated execution of a solution set.  If you're not looking at a
> parallel processing problem, you're not looking to solve it with a
> 'Wulf, and might as well start generating your analysis on a largish
> group of independent PCs.  Or Sparcs.  Or G4s.  I don't see the general
> analysis of overall network weakness as a solvable problem because of
> the wide variance of conditions onthe 'Net.  Even with a 'Wulf, there's
> a point where, if you can't adequately paramaterize the problem, you can
> neither program for it nor solve it.

I disagree in some regards.  I think such a task as described above is a
pribe CBR type task - where, the CBR engine could easily be parallelized -
in both course and fine grained method - according to how the CBR engine
algorithm works.   The CBR could then sift through your huge volume of
CERN reports, "H/P/V" (hack/phreak/virus), etc. information - and perhaps
greatly aid either the formation of strategy - or be immensly helpful as a
resource to real people - carrying out directed attacks.

just $.02,
-jamie

More information about the Beowulf mailing list