[Dshield] Communication when emails are being watched

Kenneth Coney superc at visuallink.com
Wed Dec 24 12:44:47 GMT 2003


Just total paranoid speculation on my part, but if I was in a group like Al 
Qaida and the FBI and similar groups had installed something like 
Carnivore, and all my people were being hunted, would I still use Hotmail, 
now that it was being watched?  No.  Would I abandon the Internet as either 
a target, or a means of communication?  No.  I would look for, and write a 
virus like Nachia or something that floods the Internet with pings then 
release it.  The first good result (from that perspective) would be an 
increase in system wide noise and decreased resources.  After a few weeks, 
another result would be everyone would be ignoring pings.  I would then use 
pings from slave PCs to prearranged IP addresses as the actual 
communication.  A dozen ways of accomplishing that come to mind, ranging 
from -three pings from this address on this day mean X.., to -check the 
packet for ZZ which will mean...  Different pings from different PCs could 
carry different parts of a message.  Fairly complex messages could thus be 
sent.  Really hard to detect as it would all seem to be just be another 
series of "random" pings.






More information about the list mailing list