Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Storm Gets Polluted

  1. #1
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246

    Storm Gets Polluted

    The Storm botnet became legend thanks, in part, to its impenetrable, unknowable command and control structure. But researchers have discovered the botnet's Achilles' heel.

    Researchers Infiltrate and 'Pollute' Storm Botnet - Dark Reading

    The researchers, from the University of Mannheim and the Institut Eurecom, recently infiltrated Storm to test out a method they came up with of analyzing and disrupting P2P botnets. Their technique is a spinoff of traditional botnet tracking, but with a twist: it not only entails capturing bot binaries and infiltrating the P2P network, but it also exploits weaknesses in the botnet’s P2P protocol to inject “polluted” content into the botnet to disrupt communication among the bots, as well as to study them more closely. The researchers tested their pollution method out on Storm -- and it worked. They presented their research this month at Usenix.
    To continue the Storm buzz...

  2. #2
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    is it just my imagination or is it stupid to publicize, in detail, the means by which these bots are being thwarted? Why not just call up the developers and say hey we found a flaw in your bot, this is how it works so you can fix it.

  3. #3
    Member d34dl0k1's Avatar
    Join Date
    Mar 2007
    Posts
    58
    Quote Originally Posted by JPnyc
    is it just my imagination or is it stupid to publicize, in detail, the means by which these bots are being thwarted? Why not just call up the developers and say hey we found a flaw in your bot, this is how it works so you can fix it.
    uh, what?

  4. #4
    Senior Member C:\Saw's Avatar
    Join Date
    Jan 2008
    Posts
    125
    dead,
    ~sarcasm on jpync's part there
    "...to give correctly is to give them what they need from us, for it would not be skillful to bring gifts to anyone that are in no way needed."
    --Socrates

    *Einstein Would Be Proud*

  5. #5
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246
    If anything, it displays the cunning, patience and methodical nature of some hackers. Plus, we've been hearing how Storm and botnets like it are untouchable. Not so much anymore...

  6. #6
    Member
    Join Date
    Jan 2008
    Posts
    30
    Yeah but just wait until the Russian programmers hear about this. I have a feeling they'll be updating all of their bots with a new strain to counteract this.

  7. #7
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    Of course they will, that's my point. I don't know that I'd be so quick to publicize this so widely, and so thoroughly. I know there is a need to inform but the other side of the coin is, it helps the battle to be a never-ending one.

  8. #8
    Senior Member
    Join Date
    Oct 2002
    Posts
    141
    I know two things and those are the battle will never end, and obscurity is never a good form of security.

    Usenix article: http://www.usenix.org/event/leet08/t...olz/holz_html/

    My hat goes off to everyone involved in this...

    -sp0nge
    Did curiousity really kill the cat, or is that just what they want you to think?

  9. #9
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    I know the battle will never end, but does that mean they have to make it so much easier for the opponent to respond?

  10. #10
    Senior Member
    Join Date
    Oct 2002
    Posts
    141
    I just feel that not only have they alerted Storm's operator, but they have helped shine the way for anyone who has the technical ability who wishes to experiment with this as well.

    The technology involved with botnets has infinite potential and personally I look forward to being able to learn more about such things in the future. I wish I had the ability to do something similar

    It is such a shame that the party involved with the creation of such a network had such poor motives. This would all make such a good lecture at the Black Hat conference, and if this was able to function as sort of a distributed computing network...

    -sp0nge
    Did curiousity really kill the cat, or is that just what they want you to think?

Similar Threads

  1. News: U.S. Government unleashes cyber storm
    By s0nIc in forum Security News
    Replies: 10
    Last Post: March 15th, 2006, 07:27 AM
  2. New 0-Day Exploit - SANS Internet Storm Center
    By genXer in forum Security News
    Replies: 4
    Last Post: November 30th, 2005, 10:45 PM
  3. The Coming Privacy Storm Over RFID Chip
    By moxnix in forum AntiOnline's General Chit Chat
    Replies: 4
    Last Post: April 4th, 2004, 02:51 AM
  4. storm linux
    By BoZaK in forum Newbie Security Questions
    Replies: 3
    Last Post: July 29th, 2003, 11:55 AM
  5. Fragment storm attack
    By Networker in forum Miscellaneous Security Discussions
    Replies: 5
    Last Post: February 4th, 2003, 04:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •