funsec mailing list archives
Botnets Could Hack Any Site
From: "Fergie" <fergdawg () netzero net>
Date: Fri, 1 Dec 2006 18:50:57 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Well, hack is a relative term, but... anyways. Via Seeking Alpha. [snip] There is a story floating around that U.S. financial firms have been warned of an al Qaeda cyber attack today. According to the story, the attack would be directed against banks and online stock trading firms. Could al Qaeda take down a few banks and brokers? Let's start by assuming that an online broker/bank has somewhere between 100 mbps and 1Gbps in bandwidth. Let's further assume that you need not saturate that entire pipe on your own, that, for the sake of argument, you need only get to 25%, assuming normal traffic flows. In other words, you'd need to produce a sustained 250 mbps, assuming 1 Gbps pipes to an eTrade. For sure al Qaeda would need a few computers to do that sort of thing. And they'd need to have varying IP addresses, or they'd be blocked almost immediately. So, could al Qaeda do it? You bet: via botnets. The largest botnet that has been taken down so far was 120,000 nodes, which is far more than you'd need for this job. A typical hacker estimate is that you can take down your average corporate site with a 500 to 1,000-machine botnet, and so let's say you need to rent access to a 5,000 to 10,000-machine botnet to do a bank or broker. [In case you're curious, large botnets have been shown to suck up as much as 40 Gbps in bandwidth.] [snip] More: http://internet.seekingalpha.com/article/21549 - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.1 (Build 1557) wj8DBQFFcHl/q1pz9mNUZTMRAvSwAJ4uWTNqSEXuN7ABInBMNH0p9va9RgCg3qpQ 30atTfAKbAQ3ae858U6d14s= =wcmJ -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Botnets Could Hack Any Site Fergie (Dec 01)