Full Disclosure: Centralized server information gathering alternatives / The Bizex worm

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Centralized server information gathering alternatives / The Bizex worm

From: "Kristian Hermansen" <khermansen () ht-technology com>
Date: Wed, 25 Feb 2004 14:18:24 -0500

Most worms today that infect machines try to report back to centralized
servers specified by the creator (to upload/download data).  The only
problem with this approach is that centralized servers can be shut down to
prevent the spread of the worm and cease information gathering.  Now, what
would happen if worms were "smarter" and instead utilized the BitTorrent
networks?  With a small server client built into the worm payload and
50,000-100,000 infected machines, the author(s) (and even the worm itself)
now has access to the data being harvested without the crutch of a single
(or a few) predetermined access points.  Do you guys think this approach
will be utilized in the more advanced worms of tomorrow?


Kristian Hermansen
khermansen () ht-technology com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

Centralized server information gathering alternatives / The Bizex worm Kristian Hermansen (Feb 25)
- Re: Centralized server information gathering alternatives / The Bizex worm Brian Eckman (Feb 25)
- RE: Centralized server information gathering alternatives / The Bizex worm Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
  - RE: Centralized server information gathering alternatives / The Bizex worm J.A. Terranson (Feb 27)