[Dshield] Msft Research

Bo Nordgren bo at nordgren.net
Tue Aug 23 11:01:36 GMT 2005

On Tue, 23 Aug 2005 12:36:31 +0200, Håkon Alstadheim wrote
> Bo Nordgren wrote:
> >>Just have the janitor at every MS national office world-wide subscribe
> >>to a normal consumer-broadband-service. Use remote-control or scripts to
> >>direct the virtual machines on the HoneyMonkeys. MS could be blanketing
> >>the world with incognito machines.
> >>    
> >
> >Well, I think that would actualy be in breach with the acceptable use policy
> >of most ISP's not to mention local laws governing internet activity of that
> >sort.
> >
> >  
> How could that be? They'd just be surfing to some web-adresses like 
> anybody could do. The only difference would be that the web-browser 
> would be remote-controlled from Redmond. The routine would be:
>     1) Start clean image in virtual machine.
>     2) Surf to web-address as given by script.
>     3) Shutdown virtual image and do a diff, mailing any suspect changes 
> to Redmond
>     4) Repeat from 1.
> If this should turn out to be a problem with an normal user account, I'm 
> sure redmond could negotiate a deal. Then of course there would be more 
> people in the know, but I'm sure most of the machines would be allowed 
> to remain "in disguise" vis-a-vis the targeted web-servers. Even if some 
> of the HoneyMonkesy got revealed, that would not invalidate the results 
> from the rest.

Running commercial activity on a private broadband is normaly not allowed in the SLA but
you are completely right in that it could be solved by making a deal with the ISP. This
however is not what I replied on :)
There are a couple of places were it is not legal for a company to hide under private
accounts. Getting around that one would be to have the janitors manage and do the actual
work with the monkeys.


More information about the list mailing list