funsec mailing list archives

Botnets Could Hack Any Site


From: "Fergie" <fergdawg () netzero net>
Date: Fri, 1 Dec 2006 18:50:57 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Well, hack is a relative term, but... anyways.

Via Seeking Alpha.

[snip]

There is a story floating around that U.S. financial firms have been warned
of an al Qaeda cyber attack today. According to the story, the attack would
be directed against banks and online stock trading firms.

Could al Qaeda take down a few banks and brokers?

Let's start by assuming that an online broker/bank has somewhere between
100 mbps and 1Gbps in bandwidth. Let's further assume that you need not
saturate that entire pipe on your own, that, for the sake of argument, you
need only get to 25%, assuming normal traffic flows. In other words, you'd
need to produce a sustained 250 mbps, assuming 1 Gbps pipes to an eTrade.

For sure al Qaeda would need a few computers to do that sort of thing. And
they'd need to have varying IP addresses, or they'd be blocked almost
immediately.

So, could al Qaeda do it? You bet: via botnets. The largest botnet that has
been taken down so far was 120,000 nodes, which is far more than you'd need
for this job. A typical hacker estimate is that you can take down your
average corporate site with a 500 to 1,000-machine botnet, and so let's say
you need to rent access to a 5,000 to 10,000-machine botnet to do a bank or
broker. [In case you're curious, large botnets have been shown to suck up
as much as 40 Gbps in bandwidth.]

[snip]

More:
http://internet.seekingalpha.com/article/21549

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.1 (Build 1557)

wj8DBQFFcHl/q1pz9mNUZTMRAvSwAJ4uWTNqSEXuN7ABInBMNH0p9va9RgCg3qpQ
30atTfAKbAQ3ae858U6d14s=
=wcmJ
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

