[iwar] [Fwd: Big Bad Beowulfs Again] (fwd)


From: Fred Cohen
To: Beowulf List
From: fc@all.net
To: beowulf@beowulf.org

Sat, 13 May 2000 06:32:23 -0700 (PDT)



Subject: Big Bad Beowulfs Again
Date: Sat, 13 May 2000 05:40:34 -0500
From: "jok707s@mail.smsu.edu" 
To: Beowulf List 

All this talk of genetic engineering has been very interesting, but I'd
like to get back to the subject of pure cyber-war. 

The general consensus seems to be that the major bottleneck on DOS
attacks is the bandwidth of the connection to the net backbone, so that
the parallel computing power of the beowulf is no big help.  If we grant
that (at least until there are some huge increases in bandwidth), this
still leaves a number of other security problems on the Net.  As Stephan
A.  Greene wrote in his message on this thread:

"As demonstrated recently by the "I LOVE YOU" email trojan, the Internet
and the people and organizations that use it are already at significant
risk from poorly designed applications, poorly trained users, lack of
security procedures and preparations (government and DoD sites dealt
with the problem by disconnecting), and protocols that lack strong
authentication/security features."

Let us assume that a hostile group is trying to disable as much of the
web as possible, all at once, in a coordinated attack.  (Maybe they read
the Unabomber Manifesto and they were really impressed by it; maybe they
have some other ideological ax to grind.) They design their beowulf,
from the ground up, with this intent in mind.  They have on each node
(and the server) the biggest hard drive that they can attach, and they
use this space for storing all the relevant weaknesses that they gather
from various sources: their own scanning, hacker sites, CERT reports,
Cybernotes issues, &c.  They are extremely patient and careful,
gathering and analysing the material for several years without being
detected.  When they finally feel that they are ready, they launch a
global attack which is not only varied in its methods (combining DOS,
email bombing, directory manipulations within cracked firewalls, web
site sabotage, &c, &c), but which is also designed to be synergistic:
the problems generated in one area should cause &/or aggravate problems
in other areas. 

Now my question is: would the computing power of a beowulf be helpful in
the preparation &/or the execution of such an attack? Would the analysis
of the interconnected weaknesses of the individual networks on the
Internet be the kind of task that can be helped out by parallel
computing? If so, how much and in what ways? Would the actual launching
of the attack be subject to the same bandwidth limitations as a pure DOS
attack?

Another question: has anyone actually wargamed this with one or more
real beowulf clusters? Of course, we can't try out the global attack for
real--but has anyone simulated a small version? Do we have *any* actual
empirical data on the potential harmful uses of beowulfs? Has the NIPC
tried anything like this? If anyone knows of any unclassified info on
this, I'd appreciate it. 

This should generate enough conversation for a while. . . .

Thanks again for everyone's feedback.  And if I ever want to create any
genetically engineered weapons, I'll know where to turn.  :-)

Joel


------------------
http://all.net/