Full Disclosure mailing list archives

Re: High Value Target Selection
From: gmaggro <gmaggro () rogers com>
Date: Sat, 01 Dec 2007 11:09:55 -0500

translation: let's discuss how to discern high degree and/or vulnerable
nodes in critical infrastructure networks.

Correct.

1. To bring like minded people together while operating under the
strategy of 'leaderless resistance'
(http://en.wikipedia.org/wiki/Leaderless_resistance)

*yawn*

Apologies, but there's some people that haven't heard of the idea. Not
everyone here is from a western country, or wastes their time combing
for what might be perceived as 'out there' literature like ELF or SHAC
stuff.

2. To be the 'aboveground' partner to the 'underground' scene, or at
least serve to distract authorities from the activities of underground
groups

... ZZzzzzZZZ ... you're losing me, jim.

If we wind up not being able to do anything useful, then at least run
interference for the real subversives. Keep our friends in intel and law
enforcement busy chasing dead ends. Lower the signal-to-noise ratio and
make them have to spend as much money as possible. Tarpit them.

4. To capture the imagination of the public

more like hatred.

What exactly is the difference? :)


So, types of infrastructure to attack:
[ list of infrastructure domains as if they exist as discrete units
     independent of each other... lolz! ]

Well, what was one to do - just put "1. The Internet"? No, the domains
were split up for the matter of discussion. Of course with networks any
divisions are arbitrary. But given the large area to attack, some
focusing of effort will be required, at least at first.

[lots of blah blah blah misunderstanding of what critical infrastructure
 is and how it is organized, USA bashing, etc...]

Please elaborate on your perceptions of my failure to adequately define
'critical infrastructure'.

As for USA bashing, meh. It's just that they make a great target and
they got lots of enemies. If I was Irish, maybe I'd have picked England,
and if I was Chechen, maybe I'd pick Russia. Not important.


first, go read Global Guerrillas.  that will keep you busy for a few weeks
and save us all more of this blather:
 http://globalguerrillas.typepad.com/globalguerrillas/

Thanks for the link, I'll check it out.

second, some attacking critical infrastructure cliff notes:

1. those with clue have realized the folly of trying to make infallible
   infrastructure.  their focus has shifted to rapid repair instead of
   prevention.  there are papers written that describe exactly how
   stupid it is to think you can build resilient infrastructure in the face
   of a skilled attacker.
   (see the ATT telco in a trailer truck, etc)

2. critical infrastructure viewed as a graph theory problem highlights
   the compound vulnerabilities across multiple infrastructures inherent
   in high degree / high value nodes of critical infrastructure.
   (metropolitan bridges carrying fiber, gas, electricity, vehicles, etc
    over the same physical span, etc.)

3. most critical infrastructure is resilient against planned / common
   failure scenarios, and these protections actually create hyper-
   sensitive vulnerabilities against targeted / unplanned attacks.
   (M of N redundancy that leads to catastrophic failure against
    well targeted M attacks, etc.)

Good stuff. But wouldn't you have already surprised yourself vis-a-vis
your first point? 'those with clue' are smaller than we'd like.
Sloppiness abounds; I am certain of that.

combining these aspects into attack scenarios is left as an
exercise for the reader [who pines for a vacation in club fed...]

Well that depends on the exact nature of any alleged or purported crime,
and whatever extradition treaties between the nation-state someone
resides in and the USA. They also have to catch you first.

the crux of the problem for the practical attacker is discerning the nature
and location of critical infrastructure nodes and links.  fortunately for the
determined individual this is merely a matter of effort and time, not a
question of ability.  for the rest of us this means our life style / way of life
is highly dependent on the lack of sufficiently skilled malcontents able and
willing to express their grievances in direct action against such systems.

A good summary, thank you. So I suppose I'm saying "Hey malcontents, if
we can't go more public let's start sharing info and making it
incredibly easy for other malcontents".

And would people, for once, consider that maybe the net was adopted too
damn fast by too many morons in too slap-dash a fashion? I never thought
I'd find myself arguing for a conservative approach in, well, anything.
But people really need to start doing a better job as it's affecting too
many people. Since that's not likely to happen..

perhaps this can be viewed as a check against the fascist dystopia many
fear as the end result of authoritarian abuse of power coupled with high
tech tools for manipulation and control of the populace...

p.s. my favorite tools in such scenarios (of course not advocation):
- the thermic lance
- portable saws (lithium battery cells quite power dense now)
- post hole diggers
- thermite flower pots (lol, so much fun!)
- software defined / police band and EM svcs capable radios
- bolt action .50 BMG (incendiary DU rounds++)

Why not advocate? If you did get in trouble for this post, I don't think
adding a caveat like "of course not advocation" would help you much, if
at all. Like those quips in Phrack or Paladin Press books "For
educational purposes only". Bwahahaha!

Really, how much trouble could we get in if we posted up a list of
street addresses, each address being a building that contained
significant telco and/or routing infrastructure? Especially if the next
week, a bunch of completely unrelated people park Oklahoma Specials out
front of said buildings and blow them up.

I know where those locations are for my city, and I'm sure others know
where those are for their cities. I say, let's post them up, make a lot
of people nervous, and see what happens.

Additional thoughts:

Probably be some interesting/useful information poking around BGP land
and looking at ASs and their relationships in more detail. Especially
when cross-referenced to actual physical locations.

Interesting maps:

http://chrisharrison.net/projects/InternetMap/high/worlddotblack.png
http://chrisharrison.net/projects/InternetMap/high/worldBlack.png
http://chrisharrison.net/projects/InternetMap/high/euroblack.png
http://chrisharrison.net/projects/InternetMap/high/NorthAmericaBlack.png

http://www.isi.edu/ant/address/
http://xkcd.com/195/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

