TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
|  No big surprise there; any application can be used
"There isn't a protocol you can't use as a covert signalling channel," responded Kurt Sauer, director of security operations at Skype. "Some large commercial groupware products have encrypted XML streams -- they may not be quite as good at firewall traversal, but that's still an opaque data stream."
The real trick is to not get your PC infected and on a botnet at all. How it is controlled after the PC is taken over is pretty much irrelevant. Maybe the professors Skype control method is harder to track down, but it is still pretty easy to determine if a PC is part of a botnet and is infected. And the corporate solution is still the same in every case - nuke the machine and rebuild it from a wiped hard disk.
And for home users, the solution should be the ISP revoking their access until the machine is cleaned up. But I won't hold my breath waiting for them to do that.
--
--
Join Red Room Forum
My Web Page |
|
MichiganTelephone
@130.94.x.x
 from:
jester121 
|  Sock Puppet Alert!!!
Didn't anyone bother to click over the the About page and notice that "The Communications Research Network" is, and I quote:
A GROUND-BREAKING INITIATIVE SPONSORED BY CMI AND SUPPORTED BY BT
That's BT as in British Telecom. Not that THEY would have any ulterior motive in scaring people away from VoIP! |
|
moko
join:2002-12-22
Fayetteville, GA | your right on the money michigantelephone.......i was thinking the same. |
|
spiralspirit
join:2005-10-01
Canada | thanks
Well thanks Jon Crowcroft! I was planning my zombie-bot network and I just didnt know what kind of control mechanism to use. NOW THE WORLD WILL BE MINE. |
|
Death2U
Premium
join:2006-01-22
| My Kazaa theory
It's funny I was thinking about how evil the Kazaa app is and came up with "The future of Kazaa". No doubt this thing with all its bundled software can easily be turned into a botnet but get this. Kazaa has constant control over Skype, it could initiate a telemarketer call bot simply by using 3 way conferencing, it calls the telemarketer and the telemarketing victim, hiding the marketer from prosecution from the federal Do not call list! And just think, telemarketing calls to you as well over VOIP! What a nightmare! Evil Sharman is on the way to be the first telemarketing botnet! Can you just see it? Not impossible at all. It frightens me! |
|
Death2U
Premium
join:2006-01-22
| reply to TKJunkMail
Re: No big surprise there; any application can be
said by TKJunkMail :And for home users, the solution should be the ISP revoking their access until the machine is cleaned up. But I won't hold my breath waiting for them to do that.
ISP should ask the consumer if mass data were transmitted by them at those specific times and if they say no, likely a bot. Your solution seems all good at first, but trust me, traffic from P2P apps look like bots from a network perspective and we don't need to give an ISP any more excuse to throttle/bottle them. Not all bots have to use standard ports, they could just uplink to another computer functioning as a proxy on port of the hacker's choice! The more bounces, the more work the law has to track it down. How would you like your isp to say, "due to high levels of botnets in this area, we will be blocking all but http and certain e-mail traffic". Don't snicker at this because a few isp's in this supposedly free country practically have. It's to the point online games don't work. Trust me I must use an ISP but I am against the industry. |
|
