[Dshield] Msft Research

stu secmail at patchsupplier.dyndns.org
Tue Aug 23 11:44:16 GMT 2005


Could they not just get Business Broadband? :S ~£30 extra?

-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org] On Behalf Of Bo Nordgren
Sent: 23 August 2005 12:02
To: General DShield Discussion List
Subject: Re: [Dshield] Msft Research

On Tue, 23 Aug 2005 12:36:31 +0200, Håkon Alstadheim wrote
> Bo Nordgren wrote:
> >>Just have the janitor at every MS national office world-wide subscribe
> >>to a normal consumer-broadband-service. Use remote-control or scripts to
> >>direct the virtual machines on the HoneyMonkeys. MS could be blanketing
> >>the world with incognito machines.
> >>    
> >
> >Well, I think that would actualy be in breach with the acceptable use policy
> >of most ISP's not to mention local laws governing internet activity of that
> >sort.
> >
> >  
> How could that be? They'd just be surfing to some web-adresses like 
> anybody could do. The only difference would be that the web-browser 
> would be remote-controlled from Redmond. The routine would be:
>     1) Start clean image in virtual machine.
>     2) Surf to web-address as given by script.
>     3) Shutdown virtual image and do a diff, mailing any suspect changes 
> to Redmond
>     4) Repeat from 1.
> 
> If this should turn out to be a problem with an normal user account, I'm 
> sure redmond could negotiate a deal. Then of course there would be more 
> people in the know, but I'm sure most of the machines would be allowed 
> to remain "in disguise" vis-a-vis the targeted web-servers. Even if some 
> of the HoneyMonkesy got revealed, that would not invalidate the results 
> from the rest.

Running commercial activity on a private broadband is normaly not allowed in the SLA but
you are completely right in that it could be solved by making a deal with the ISP. This
however is not what I replied on :)
There are a couple of places were it is not legal for a company to hide under private
accounts. Getting around that one would be to have the janitors manage and do the actual
work with the monkeys.

--


_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list