[Dshield] Msft Research

Håkon Alstadheim hakon at alstadheim.priv.no
Tue Aug 23 10:36:31 GMT 2005


Bo Nordgren wrote:
>>Just have the janitor at every MS national office world-wide subscribe
>>to a normal consumer-broadband-service. Use remote-control or scripts to
>>direct the virtual machines on the HoneyMonkeys. MS could be blanketing
>>the world with incognito machines.
>>    
>
>Well, I think that would actualy be in breach with the acceptable use policy
>of most ISP's not to mention local laws governing internet activity of that
>sort.
>
>  
How could that be? They'd just be surfing to some web-adresses like 
anybody could do. The only difference would be that the web-browser 
would be remote-controlled from Redmond. The routine would be:
    1) Start clean image in virtual machine.
    2) Surf to web-address as given by script.
    3) Shutdown virtual image and do a diff, mailing any suspect changes 
to Redmond
    4) Repeat from 1.

If this should turn out to be a problem with an normal user account, I'm 
sure redmond could negotiate a deal. Then of course there would be more 
people in the know, but I'm sure most of the machines would be allowed 
to remain "in disguise" vis-a-vis the targeted web-servers. Even if some 
of the HoneyMonkesy got revealed, that would not invalidate the results 
from the rest.
-- 
Håkon Alstadheim 	+47 74 82 60 27
7510 Skatval
http://alstadheim.priv.no/



More information about the list mailing list