[RC5] RC5 keys aren't the only things being cracked by the million.

Charles Franks Charlz at lvcablemodem.com
Tue Oct 26 12:01:02 EDT 1999


This definitely would be a project where one would have to a serious
risk/benefit study. If the information gathered by this kind of effort
fell into the wrong hands it would be a major disaster.

D.net gets enough negative connotations from being involved with the
cracking of encrypted messages that are part of a legitimate contest. I
can only imagine the firestorm generated by an effort of massively
testing the security of thousands of systems without being asked by the
owners or sanctioned by some group such as the National Infrastructure
Protection Center (NIPC) or some other government entity. And of course
that would only apply to testing systems located in the USA. 

The most interesting thing I thought about the article that Adam Z.
paraphrases below is that these distributed DOS attacks are something
new. This kind of thing has been going on in the IRC environment for
years... botnet, floodnet etc.  It was only a matter of time till it
moved into a new arena, just wait till it gets to something really
important like the financial markets.

Charles



Adam Zilinskas wrote:

> Well there is this article.
> http://www.zdnet.com/zdnn/stories/news/0,4586,2376768,00.html
> 
> The summary is that there is a new kind of denial of service attack
>  where many computers are used to take out a server.
>  (a normal D O S attack, one machine goes out and does
>   something to a server to either crash it or overwhelm
>   it with traffic or tasks, given an understanding of
>   the attack, the offending machine or task can be blocked).
>   People are still studying on how to defend against this
>   without blocking legitamit uses.
> 
>  A problem with D.net doing something like this shotgun
>   testing of security could turn thousnads of machines into
>   a weapon like this group attack on a server. It could also
>   happen inadvertently, imagine 10,000 machines going in
>  an attempting to hit a web page on a lowly server sitting on
>  a 64Kbit ISDN line, the line quickly saturates and effectively
>  takes the server off the internet when they did not mean to.
> 
>                   Adam Zilinskas
>                   Solutions IQ
>                   azilinskas at solutionsiq.com
> 
> --
> To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
> rc5-digest subscribers replace rc5 with rc5-digest


--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list