On Wed, Mar 19, 2008 at 5:49 AM, mcwidget <mcwidget_at_gmail.com> wrote:
> ...
> Aint that the whole problem with Storm tho? The lack of CC boxes? Without
> that target, how do you effectively shutdown something like this?
the target is the distributed hash table routing metric used for
decentralized C&C. kademlia, chord, and DHT's in general are fragile;
they trade efficiency for resilience against a coordinated attacker,
presuming the redundancy adequate for random (read: not intentional)
failure is sufficient.
if you want to take down storm, take down the C&C. it will cost you
$100/mo for a dedicated server with modest bandwidth. implemented the
attack is left as an exercise for the reader...
:P
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Mar 19 2008
Intro
