Full Disclosure
mailing list archives
Re: 0day: PDF pwns Windows
From: Gadi Evron <ge () linuxbox org>
Date: Tue, 25 Sep 2007 09:49:46 -0500 (CDT)
On Tue, 25 Sep 2007, Jason wrote:
You present a valid position but fall short of seeing the whole picture.
As an attacker, nation state or otherwise, my goal being to cripple
communications, 0day is the way to go. Resource exhaustion takes
resources, something the 0day can deprive the enemy of.
Knocking out infrastructure with attacks is a far more effective
strategy. You can control its timing, launch it with minimal resources,
from anywhere, coordinate it, and be gone before it can be thwarted. The
botnet would only serve as cover while the real attack happens.
I am more inclined to believe that botnets in use today really only
serve as cover, thuggish retribution, and extortion tools, not as
effective tools of warfare. No real warfare threat would risk exposing
themselves through the use of or construction of a botnet.
There is a difference between Sun Tzu-like stealth and civil war-like
"throw bodies at it".
I quite agree 0days would be important tools, but not necessarily the only
tool. Then, it would only be a facilitating technology. A known
vulnerability is also useful in many cases.
About botnets, they are at the very heart of the matter--not necessarily
for being used in this fashion, but rather because the Internet is perfect
for plausible deniability, and then, of course, there is the matter of a
/fifth column/, inside your network.
Gadi.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/