Dailydave mailing list archives
Re: From int $13 to distributed object clouds
From: "Brian Azzopardi" <brian () gfi com>
Date: Fri, 22 Dec 2006 10:06:37 +0100
They need to be grouped intelligently
Can't you group IPs intelligently and then farm out the groups to be handled in parallel?
Some IP addresses are the same machine, and we need to know that
10.0.1.1 and 10.0.2.1 are the same machine You can do that as a post-process (assuming you don't do the intelligent grouping first).
intelligent parallelism handled by a language
What do you understand by intelligent parallelism? Is Occam intelligent enough? Do you prefer implicit parallelism? Just for the record, I am working (slowly) on an new language that has parallelism as fundamental part of the language, rather than tacked on to it via threads like Python/C++/etc. Brian -----Original Message----- From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com] On Behalf Of Dave Aitel Sent: Friday, December 22, 2006 4:43 AM To: dailydave () lists immunitysec com Subject: [Dailydave] From int $13 to distributed object clouds -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The question you have to ask yourself when dealing with, as Sinan would call it, "NP Complete Stuff" (aka, anything academic and wanky) is "How is this going to help me hack something". Lately I've been, in the back of my head, obsessed with distributed object languages. But how can I explain that having your language abstract not just memory management, but also parallelism, is going to help you break into more computers faster and better? The problem set is easy to understand: scanning a range of IP addresses for exploitable vulnerabilities and then exploiting them. People look at that and say "Easy to parallelize. Just split it up based on IP range.". They'd be wrong - IP addresses are connected to each other in many ways. They need to be grouped intelligently, and deep down, we're breaking into machines, not IP addresses. Some IP addresses are the same machine, and we need to know that 10.0.1.1 and 10.0.2.1 are the same machine even if they've been split up across scanning processes which reside on different computing clouds. We also need to use information gained from hacking 10.0.1.1 against 10.0.2.1. Something in my right brain is telling me parallelism is the next big step for something like CANVAS. Not simple "split it up into bite size pieces", but intelligent parallelism handled by a language that is as much like Python as possible, but time abstract. Possibly the easier next step is built-in data-mining and CRM. When we do open source data collection on a target, I need somewhere to enter that in that can reuse that information automatically. And when I own 10,000 machines, I need to be able to mine that cloud for the information I'm interested in, covertly. Of course, in the meantime it's shellcode shellcode shellcode. No hacker ever truly gets away from that. Even here in Aotearoa there's an int $13 waiting... - -dave P.S. Congrats to NFR :> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFi1RJtehAhL0gheoRAn0DAJ4tgAliqNiHVufan4NRUaS3GhxhuACeNEcQ Yb78CC9ktq3EmY34FWj4vCU= =6K+Q -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave DISCLAIMER The information contained in this electronic mail may be confidential or legally privileged. It is for the intended recipient(s) only. Should you receive this message in error, please notify the sender by replying to this mail. Unless expressly stated, opinions in this message are those of the individual sender and not of GFI. Unauthorized use of the contents is strictly prohibited. While all care has been taken, GFI is not responsible for the integrity of the contents of this electronic mail and any attachments included within. This mail was checked for viruses by GFI MailSecurity. GFI also develops anti-spam software (GFI MailEssentials), a fax server (GFI FAXmaker), and network security and management software (GFI LANguard) - www.gfi.com _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- From int $13 to distributed object clouds Dave Aitel (Dec 22)
- <Possible follow-ups>
- Re: From int $13 to distributed object clouds Brian Azzopardi (Dec 22)
- Re: From int $13 to distributed object clouds Jon Passki (Dec 22)
- Re: From int $13 to distributed object clouds liquidfish (Dec 22)
- Re: From int $13 to distributed object clouds Jon Passki (Dec 22)
- Re: From int $13 to distributed object clouds Brian Azzopardi (Dec 28)
- Re: From int $13 to distributed object clouds liquidfish (Dec 28)