Storm, Nugache lead dangerous new botnet barrage

Tyler Durden camera_lumina at hotmail.com
Thu Jan 17 03:23:11 PST 2008


Makes me wonder whether there's some way to make peace with our new Spam
overlords. Maybe get in on the action somehow. Seems to me the battle's very
nearly lost if the botnet is functioning in a way that we can live with and
that is very hard to tamper with.

-TD

> Date: Sat, 12 Jan 2008 15:01:54 -0800
> To: rabbi at abditum.com
> From: bill.stewart at pobox.com
> Subject: RE: Storm, Nugache lead dangerous new botnet barrage
> CC: pgut001 at cs.auckland.ac.nz; camera_lumina at hotmail.com;
>  cypherpunks at al-qaeda.net; eugen at leitl.org; info at postbiota.org
>
> At 10:37 AM 1/12/2008, Len Sassaman wrote:
> >On Sat, 12 Jan 2008, Peter Gutmann wrote:
> > > (Alternatively, "because they can".  They're not paying for the
> > > overhead, it doesn't really make much sense not to encrypt everything).
> >I don't agree -- they *are* paying for the overhead. Not in dollars, but
> >in CPU cycles (and a minor programming overhead.) If you increase the
> >performance degradation on the hosts in the botnet, you're going to lose
>
> Encrypting the control channel isn't going to burn a lot of CPU;
> hopefully the botnet doesn't need more than a few KB/hour of control,
> and almost certainly it wouldn't need more than a few KB/sec of data
> (such as spam-target email addresses), so encrypting it's low-horsepower.
>
> The heavy-resource job of a bot is sending out lots of packets to targets,
> whether it's spam email sessions or DDOS UDP packets,
> and the limiting factor on that is upstream bandwidth, typically
> 128-768kbps.
> On a modern CPU you could even encrypt that traffic if you wanted,
> without the CPU breaking a sweat, though the only application I can see for
> that is encrypted SMTP sessions if you're spamming somebody high-tech.
>
> Most computers have enough spare CPU that they can burn it looking for
> space aliens or folding proteins at home without noticing a performance hit;
> the real trick on keeping resource consumption low enough to not be noticed
> is managing upstream bandwidth so that you don't stifle http queries and
> TCP acks.


More information about the cypherpunks-legacy mailing list