funsec mailing list archives
Re: Cambridge Professor Warns of Skype Botnet Threat
From: Paul Schmehl <pauls () utdallas edu>
Date: Wed, 25 Jan 2006 15:42:18 -0600
--On Wednesday, January 25, 2006 15:19:18 +0000 Fergie <fergdawg () netzero net> wrote:
I dunno. Maybe I'm dense. How is this different from any other method of control once you encrypt the traffic? (And please don't tell me that IM or IRC can't be encrypted.) The issue isn't the protocol being used. It's the behavior. And how does encrypting the traffic *hide* the botmaster?I see Jon's busy stirring things up. :-) Via TechWorld. [snip] Voice-over-IP apps could be used to cloak networks of zombies, used to launch denial of service attacks, a Cambridge professor has warned. Armies of ordinary PCs - "botnets" - that have been infected by a virus and put under malicious control, could be controlled and orchestrated by messages hidden in VoIP traffic generated by programs such as Skype, warned Jon Crowcroft, Marconi professor of communications systems at Cambridge University. [snip] More here: http://www.techworld.com/news/index.cfm?NewsID=5232
Scenario: 100,000 bot network 10,000 "sub" controllers 1000 "master" controllersAll traffic between these 100,000 bots is encrypted Skype, and the traffic patterns match DDoS or spam runs. Gee. I wonder what's going on there? But we can't tell because {{{gasp}}} it's encrypted!
Huh? What am I missing? Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Cambridge Professor Warns of Skype Botnet Threat Fergie (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Larry Seltzer (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Richard M. Smith (Jan 25)
- Re: Cambridge Professor Warns of Skype Botnet Threat Paul Schmehl (Jan 25)
- encrypted botnets? Gadi Evron (Jan 25)
- <Possible follow-ups>
- RE: Cambridge Professor Warns of Skype Botnet Threat Fergie (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Larry Seltzer (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Austin (Jan 26)
- RE: Cambridge Professor Warns of Skype Botnet Threat Nick FitzGerald (Jan 27)