Re: Blitzkrieg Server -- For Real?! ( LONG )

[Nick Drage <maillists () smartways com>]

All,

With regard to:-

At 17:59 06/05/98 -0500, arager () McGraw-Hill com wrote:
>     Came across these links on CNN and the May98 issue of Signal Magazine.

article:
>     http://www.us.net/signal/CurrentIssue/May98/make-may.html

vendor's home page
>     http://www.fvg.com/

( The applets at the second site launched a DoS attack on my Netscape
Communicator 4.05, so I never got past the first page...... )

>     Anyone else heard of this? Seems like pure hype based on fiction to 
>     me....Is this pure marketing smoke, or is there some sort of unreal 
>     counter-attack technology bundled into this product?

I'd like to second this request.  Buried amongst all the jargon ( which I
suspect is all B.S. ) it seems you install this product, then collect your
pension.  I would be very interested to see what InfoSec gurus make of such
comments as:-

"the Blitzkrieg server is a self-programmed, fault-immune, ubiquitous
virus-like system"

( fault-immune??? "The Blitzkrieg Server: Programmed by God" )

and

"In a graphical server or workstation application development environment,
the information warfare system
is ready for operational deployment and network assimilation."

( does this sentence actually mean anything? )

and the classic

"At the heart of the Blitzkrieg server are what Wood calls self-programmed
adaptive
automatacapsids--variable length string transformation rules. The rules
have extremely power-adaptive,
problem-solving qualities and self-healing and regenerative properties.
"When examined on an individual
basis, no automatacapsid in and of itself has any meaning. The
automatacapsid only has value in the
context of the distributed Blitzkrieg server network collective," Wood
discloses."

To my eyes the article says:-

1) Install the software on nearest computer.
2) Blitzkrieg Server then installs itself on every other computer on your
network, regardless of permissions.
3) This Blitzkrieg Server network will then analyse and stop any present
and future attacks, and also launch counter attacks against the originating
attackers.
3a) Oh, and it also predicts attacks before they happen as well.

Lots of interesting questions, which I'm sure you've all thought of already.

The main one though is relating to the idea of giving any network
protection software a Strikeback capability.  As has been very ably pointed
out by previous contributors the source of attacks cannot be reliably
established.  Therefore it seems the ideal way to attack a well defended
network is to launch an attack against a Blitzkrieg Server, or similar,
that seems to come from the actual target network.... then stand well back
and watch the firefight.


--

Nick Drage, Sysadm, Smartways Technology.
( nickd@ for personal email - thank you )