Re: bittorrent == botnet

From: Arkem Paul (bob@mornmist.com)
Date: Wed Oct 04 2006 - 20:25:31 EDT

• Next message: Thor (Hammer of God): "Re: Informing Companies about security vulnerabilities..."
• Previous message: Wolf Halton: "Re: Informing Companies about security vulnerabilities..."
• In reply to: c0redump@ackers.org.uk: "Re: bittorrent == botnet"
• Next in thread: Elias-Bachrach, Ari (721): "RE: bittorrent == botnet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I've heard of Gnutella networks being used as an anonymous DDoS
platform, have a look at this AusCERT advisory
http://www.auscert.org.au/render.html?it=2404

-Arkem

c0redump@ackers.org.uk wrote:
> Try your theory out tonight... Lost S03E01... :P
>
> Tom Neaves
>
> ----- Original Message ----- From: Jason M Frey
> To: Jason L. Ellison ; pen-test
> Sent: Wednesday, October 04, 2006 7:35 PM
> Subject: RE: bittorrent == botnet
>
>
> While I'm no bittorrent expert, I would think that this would likely not
> produce the desired results. You may post a popular torrent, but the
> seed/leech numbers would not attract a mass of individuals.
>
> You would have to post a torrent that is not available anywhere else,
> but would be highly desirable. Even then, however, I suspect that the
> traffic created by the initiation of a torrent connection would not be
> sufficient to overburden the network.
>
> Jason
>
> -----Original Message-----
> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
> On Behalf Of Jason L. Ellison
> Sent: Tuesday, October 03, 2006 4:26 PM
> To: pen-test
> Subject: bittorrent == botnet
>
>
> A friend and I were discusing the possible uses of the bittorrent
> network in DDOS's. It could be a very massive botnet if you advertised
> popular files with the targets ip address and target service. In the
> most
> recent version of azerus I noticed that the default settings ignore
> clients that advertise on ports "0;25;135;139".
>
> For instance if I falsely advertise: HTTP, RDP, SIP, VNC ports and the
> victims ip address and loaded my client with very popular hashes... I
> would think this would overburden most small medium businesses without
> having to own or buy a botnet.
>
> comments?
>
> -Jason Ellison
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
> 00000008bOW
> ------------------------------------------------------------------------
>
>
>
>
>
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material. If the reader of this message is not the intended recipient,
> you are hereby notified that your access is unauthorized, and any review,
> dissemination, distribution or copying of this message including any
> attachments is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete the material from any
> computer.
>
>
>
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
>
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
>
> ------------------------------------------------------------------------
>
>
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Thor (Hammer of God): "Re: Informing Companies about security vulnerabilities..."
• Previous message: Wolf Halton: "Re: Informing Companies about security vulnerabilities..."
• In reply to: c0redump@ackers.org.uk: "Re: bittorrent == botnet"
• Next in thread: Elias-Bachrach, Ari (721): "RE: bittorrent == botnet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:05 EDT