funsec mailing list archives
RE: Cambridge Professor Warns of Skype Botnet Threat
From: Austin <amckinle () andrew cmu edu>
Date: Thu, 26 Jan 2006 13:05:06 -0500
A SIP worm would have a pretty killer "locality" aspect. Hitting all the other SIP-enabled devices in someone's address book would be a great way to compromise a single large site quickly, especially since network-wide rollouts of VoIP usually have homogenous hardware.
Besides the personal exposure risk, think about the local DDoS you could get from compromising a couple hundred Cisco 7971's with gigabit ports... Bring down the local VLAN's, and saturate all those shiny inter-office links that give preferential QoS to VoIP traffic...
Austin--On Wednesday, January 25, 2006 11:26 PM +0000 Fergie <fergdawg () netzero net> wrote:
Agreed. :-) But that brings up an interesting point -- can you imagine a SIP worm? - ferg -- "Larry Seltzer" <larry () larryseltzer com> wrote: You just have to know that half or more of the people who read this will think that the systems are being infected through VOIP, but it's only being used as a back door channel of communications for systems that have already been infected through some other means. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer Contributing Editor, PC Magazine larryseltzer () ziffdavis com -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Fergie Sent: Wednesday, January 25, 2006 10:19 AM To: funsec () linuxbox org Subject: [funsec] Cambridge Professor Warns of Skype Botnet Threat I see Jon's busy stirring things up. :-) Via TechWorld. [snip] Voice-over-IP apps could be used to cloak networks of zombies, used to launch denial of service attacks, a Cambridge professor has warned. Armies of ordinary PCs - "botnets" - that have been infected by a virus and put under malicious control, could be controlled and orchestrated by messages hidden in VoIP traffic generated by programs such as Skype, warned Jon Crowcroft, Marconi professor of communications systems at Cambridge University. [snip] More here: http://www.techworld.com/news/index.cfm?NewsID=5232 [snip] -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Cambridge Professor Warns of Skype Botnet Threat Fergie (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Larry Seltzer (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Richard M. Smith (Jan 25)
- Re: Cambridge Professor Warns of Skype Botnet Threat Paul Schmehl (Jan 25)
- encrypted botnets? Gadi Evron (Jan 25)
- <Possible follow-ups>
- RE: Cambridge Professor Warns of Skype Botnet Threat Fergie (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Larry Seltzer (Jan 25)
- RE: Cambridge Professor Warns of Skype Botnet Threat Austin (Jan 26)
- RE: Cambridge Professor Warns of Skype Botnet Threat Nick FitzGerald (Jan 27)