Nice, sounds almost exactly like what I said a few days ago. Good to see the bullet-proof Wikipedia has my back.
Steven
www.securityzone.org

> http://en.wikipedia.org/wiki/0day
>
> /thread
>
> --=Q=--
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Jason
> Sent: Tuesday, September 25, 2007 11:55 AM
> To: J. Oquendo
> Cc: Chad Perrin; pdp (architect); Gadi Evron; [EMAIL PROTECTED];
> full-disclosure@lists.grok.org.uk; Crispin Cowan
> Subject: Re: [Full-disclosure] 0day: PDF pwns Windows
>
> J. Oquendo wrote:
>> Jason wrote:
>>
>>> You present a valid position but fall short of seeing the whole
>>> picture.
>>
>>> As an attacker, nation state or otherwise, my goal being to cripple
>>> communications, 0day is the way to go. Resource exhaustion takes
>>> resources, something the 0day can deprive the enemy of.
>>
>> Counterpoint... You're trying to shoot me down with 0day crap:
>>
>> You --> 0day attack --> My Infrastructure
>>
>> Me --> Botnet --> Your infrastructure
>
> Perhaps, if you can catch me everywhere I can be. The problem is that my
> attacks, using my 0day, are run from your infrastructure by my forward
> teams, long entrenched in your society.
>
> If I want to knock out your infrastructure to render it unusable I'm
> going to do it in a way that I can either
>
> - control when and how it goes down and makes it resistant to restore
>   efforts (Exploiting vulns to gain control)
>
> - destroy it entirely causing you to expend massive resources to rebuild
>   it
>
>>
>> Never having to consume any resources other than a point and click shoot
>> em up attack, I necessarily won't even have to use my own resources. So
>> shoot away as your network becomes saturated.
>>
>>> Knocking out infrastructure with attacks is a far more effective
>>> strategy. You can control its timing, launch it with minimal
>>> resources, from anywhere, coordinate it, and be gone before it can be
>>> thwarted. The botnet would only serve as cover while the real attack
>>> happens.
>>
>> In a strategic war, most countries aim to eliminate supply points and
>> mission critical infrastructure as quickly as possible. In a
>> cyberwarfare situation me personally, I would aim to 1) disrupt/stop via
>> a coordinated attack whether it's via a botnet or something perhaps along
>> the lines of a physical cut to a nation's fiber lines.
>>
>> 0day would only serve me afterwards to perhaps maintain covert states of
>> communication. Maybe inject disinformation through crapaganda. Imagine
>> an enemy's entire website infrastructure showing tailored news... Would
>> truly serve a purpose AFTER the attack not during.
>
> You don't start that after the fact, you start it before, maintain it
> during, and follow through victory.
>
>>
>>> I am more inclined to believe that botnets in use today really only
>>> serve as cover, thuggish retribution, and extortion tools, not as
>>> effective tools of warfare. No real warfare threat would risk exposing
>>> themselves through the use of or construction of a botnet.
>>>
>>
>> Luckily for most companies and government, botnets aren't being used for
>> their full potential. And I don't mean potential as in they're a good
>> thing. I could think up a dozen cyberware scenarios in minutes that
>> would cripple countries and businesses. I believe countries, providers
>> and governments should at some point get the picture and perhaps create
>> guidelines to curtail the potential for havoc - imagine hospitals being
>> attacked and mission critical life saving technologies taken offline.
>>
>
> The botnet still only serves as cover for this activity. It is a tool,
> like the rest, but not a primary weapon for use in active wide scale
> infrastructure dos. Taking out infrastructure on a wide scale using
> resource exhaustion requires too much resource.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/