From: Susumu Harada (harada@cs.washington.edu)
Date: Tue Nov 30 2004 - 23:33:21 PST
"How to 0wn the Internet in Your Spare Time"
S. Staniford, V. Paxson and N. Weaver
In this surreptitiously titled paper, the authors outline some of the key
features of recent and "successful" Internet worms, identifying the
techniques they employed as well as proposing further "improvements" to
their methods which could have made the worms even more effective. After
painting a grim picture of the vulnerable Internet highly prone to massive
worm attacks, the authors go on to provide suggestions for the creation of an
Internet equivalent of a Center for Disease Control that can dedicate
resources to identifying, stopping, and researching various virus and worm
based threats against the Internet.
I was fascinated to learn how easily and quickly a worm can spread given
an exploitable security hole using techniques such as localized scanning
and multiple vectors. It was even more surprising to see how with fairly
simple modifications, the worms can be made even more effective through
the use of expanded hit lists, partitioned permutation scan, and
contagion.
It is a scary fact how great of an impact such a massive scale attack can
have on our modern society. As more and more aspects of our daily lives
are becoming dependent on the connectivity provided by the Internet, the
ability to thwart such debilitating attacks becomes of paramount
importance.
It seems that the greatest threat comes from the fact that there are
millions of computers on the Internet that are insecure or vulnerable due
to the owner's lack of awareness about the exposed security risks and the
know-how for how to fix them. Part of the problem also lies in the
manufacturers of software who introduce the vulnerabilities in the first
place, albeit unintentionally. There should be more emphasis placed on
user education, as well as greater demand on software manufacturers for
greater accountability with respect to the level of vulnerability of their
software.