[Dshield] vunerability windows

Stephane Grobety security at admin.fulgan.com
Mon Feb 9 13:59:49 GMT 2004


AS> that thing that i read somewhere that aol was testing. erm. like an
AS> extension to smtp.
AS> that supposed to check where email is from before accepting it.  Seems like
AS> that would put a spanner in the
AS> workings of a lot of viruses.

Actually, AOL is testing an extension to DNS: spf (Sender permitted
From). The idea is simple: add a TXT record to your DNS zone that
indicates what servers (IP addresses) are permitted to send mail on
behalf of the mentioned domain. (see http://spf.pobox.com/ for
details).


AS> one of these days, i expect to see a virus that not only leeches everyones
AS> bandwidth but steals computer power. 
AS> like distributed processing. mmmmmm. 1 million pcs parallel processing. 
AS> although i cant think of a good reason why criminals or spammers for that
AS> matter would want/need that much processing power. It sounds like a good
AS> plot for a movie. "Mad scientist solves the secrets of the ???? b4 goverment
AS> with his 1 million parrallel processing pcs assembled using a worm virus"

I don't think it will happen with today's technology. The problem is
that a "distributed computing" virus would have a traffic flow that is
the reverse of what traditional virii have: Instead of getting data
from an infected machine to an uninfected one, allowing the creation
of a one-way chain, this new brand of virii would need to send
information back to their source, allowing an easy tracking or said
source (and, of course, a quite easy way to shut it off).

I don't say that it's impossible, mind you: they could also
disseminate their payload in a statistical pattern that would allow the
author to collect the result while still being hard to trace but for
it to work, it would probably need some kind of P2P network that is
more connected and has way more average bandwidth than what we have
today. Maybe it would be interesting to do some computation on the
requirements on such network...

AS> infact a movie about identity theft thru computer infection would
AS> probably be a good way of getting the message across seeing as
AS> nothing else seems to be working.

You mean like this "The Net" movie ?

Good luck,
Stephane





More information about the list mailing list