Re: bittorrent == botnet

From: c0redump@ackers.org.uk
Date: Wed Oct 04 2006 - 15:33:01 EDT

Try your theory out tonight... Lost S03E01... :P

Tom Neaves

----- Original Message -----
From: Jason M Frey
To: Jason L. Ellison ; pen-test
Sent: Wednesday, October 04, 2006 7:35 PM
Subject: RE: bittorrent == botnet

While I'm no bittorrent expert, I would think that this would likely not
produce the desired results. You may post a popular torrent, but the
seed/leech numbers would not attract a mass of individuals.

You would have to post a torrent that is not available anywhere else,
but would be highly desirable. Even then, however, I suspect that the
traffic created by the initiation of a torrent connection would not be
sufficient to overburden the network.

Jason

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Jason L. Ellison
Sent: Tuesday, October 03, 2006 4:26 PM
To: pen-test
Subject: bittorrent == botnet

  A friend and I were discusing the possible uses of the bittorrent
network in DDOS's. It could be a very massive botnet if you advertised
popular files with the targets ip address and target service. In the
most
recent version of azerus I noticed that the default settings ignore
clients that advertise on ports "0;25;135;139".

  For instance if I falsely advertise: HTTP, RDP, SIP, VNC ports and the
victims ip address and loaded my client with very popular hashes... I
would think this would overburden most small medium businesses without
having to own or buy a botnet.

comments?

-Jason Ellison

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If the reader of this message is not the intended recipient,
you are hereby notified that your access is unauthorized, and any review,
dissemination, distribution or copying of this message including any
attachments is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete the material from any
computer.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:05 EDT