Code Red seems to be back.
Adam Shostack
adam at homeport.org
Tue Sep 18 12:13:49 PDT 2001
On Tue, Sep 18, 2001 at 09:49:30AM -0700, Bill Stewart wrote:
| Somebody did a paper about a hypothetical "Andy Warhol Virus",
| studying how long it takes to take over a server,
| how many servers you can attack per minute, and
| what it would take to coordinate an attack that really hit everywhere.
| 15 minutes is about enough to hit most of the net,
| if you find holes in Apache and IIS that don't need manual tweaking,
| and if you don't alert people by scribbling their pages with
| "Hacked by Chinese" or "Reformatted by bin Laden" before you're done.
| Our chief weapons are surprise, exponential growth and
| dividing up target address space effectively,
| with quick checks to make sure you don't waste time on infected machines,
| and, purely optionally, an almost fanatical analysis of hosting center configs.
Someone else (Staniford?) did a paer on flash worms, which add a
pre-scan of the Internet for vulnerable machines, so that you start
higher on the exponential curve. Its a good thing script kiddies
don't read the literature.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
More information about the cypherpunks-legacy
mailing list