[Dshield] so what's next?

Ed Truitt ed.truitt at etee2k.net
Fri Sep 6 20:44:40 GMT 2002

Three things I haven't seen mentioned:

1) Some widespread attack targeting systems vulnerable to SNMP exploits
(have you change your community string?) - this one, if successful, could
get really ugly as it could impact everything from printers to major
backbone routers.  What would happen to your business if the printers, the
servers, the routers and switches all launched a massive DDoS attack against
each other?

2) Given all these new wonderful "I can control my work PC from home or
anywhere I can get to a browser, and it doesn't matter what type of firewall
the company has in place" remote-control programs, how about someone
packages one of them into a nice downloadable and it starts getting spread
around like "Love Bug".

3)  The RIAA decides to "deal with" all those evil music swappers.  So, they
dress up some horrid trojan to look like a nice juicy tune, put it out on a
P2P honeypot, and when they get their "RIAA as hacker is OK" bill passed,
they activate the trojans - but, since some idiot put the trojan on a MS
Security Update download, when it activates every copy of Windows > 95 gets
blown to heck as the hard drives are trashed.  Of course, since everyone
accepted the EULA that said that MS Security Updates might disable
previously running applications, they can't be touched - and since the RIAA
has legal protection for hacking so long as they call it "anti-music
piracy", they can't be touched.  So, Tux ends up winning the Battle of the
OS desktop in the end :-)

Oh, sorry, forgot that this isn't April 1...

Ed Truitt
PGP fingerprint:  5368 D25E 468C A250 9833  CCD6 DBAE 9C25 02F9 0AB9

"Note to spammers:  my 'delete' key is connected to YOUR ISP.
 Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."

More information about the list mailing list