Penetration Testing mailing list archives
Re: bittorrent == botnet
From: <c0redump () ackers org uk>
Date: Wed, 4 Oct 2006 20:33:01 +0100
Try your theory out tonight... Lost S03E01... :P Tom Neaves----- Original Message ----- From: Jason M Frey
To: Jason L. Ellison ; pen-test Sent: Wednesday, October 04, 2006 7:35 PM Subject: RE: bittorrent == botnet While I'm no bittorrent expert, I would think that this would likely not produce the desired results. You may post a popular torrent, but the seed/leech numbers would not attract a mass of individuals. You would have to post a torrent that is not available anywhere else, but would be highly desirable. Even then, however, I suspect that the traffic created by the initiation of a torrent connection would not be sufficient to overburden the network. Jason -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Jason L. Ellison Sent: Tuesday, October 03, 2006 4:26 PM To: pen-test Subject: bittorrent == botnet A friend and I were discusing the possible uses of the bittorrent network in DDOS's. It could be a very massive botnet if you advertised popular files with the targets ip address and target service. In the most recent version of azerus I noticed that the default settings ignore clients that advertise on ports "0;25;135;139". For instance if I falsely advertise: HTTP, RDP, SIP, VNC ports and the victims ip address and loaded my client with very popular hashes... I would think this would overburden most small medium businesses without having to own or buy a botnet. comments? -Jason Ellison ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016 00000008bOW ------------------------------------------------------------------------ The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If the reader of this message is not the intended recipient, you are hereby notified that your access is unauthorized, and any review, dissemination, distribution or copying of this message including any attachments is strictly prohibited. If you are not the intended recipient, please contact the sender and delete the material from any computer. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- bittorrent == botnet Jason L. Ellison (Oct 03)
- RE: bittorrent == botnet Jason M Frey (Oct 04)
- Re: bittorrent == botnet c0redump (Oct 04)
- Re: bittorrent == botnet Arkem Paul (Oct 04)
- Re: bittorrent == botnet c0redump (Oct 04)
- Re: bittorrent == botnet Nicolas RUFF (Oct 09)
- <Possible follow-ups>
- RE: bittorrent == botnet Elias-Bachrach, Ari (721) (Oct 05)
- RE: bittorrent == botnet Gadi Evron (Oct 05)
- RE: bittorrent == botnet Jason M Frey (Oct 04)