----- Original Message ---- From: Paul G. Allen <[EMAIL PROTECTED]> To: Main Discussion List for KPLUG <[email protected]> Sent: Sunday, November 25, 2007 8:12:31 PM Subject: Re: China has the largest (DoS) Denial of service capability....!
Andrew Lentvorski wrote: > > Compared to the zillions of zombified Windows machines, I doubt China is > that impressive. Maybe China is counting on all those Windows machines. > > In addition, all of China's traffic gets throttled through a small > number of optic links, IIRC. > > Simply pulling the plug on those links stops anything China wants to do. Easier said than done. Not to mention, once an attack has started, pulling the plug after the fact could do nothing to solve stop it See below.) > > This is not true for the zombies that already exist in our own country. How many of those zombies are (or can be) controlled by the Chinese? How would we know one way or another? What would it take for the Chinese to set the zombies off? > > Yes, China has cyber-warfare as one of its goals--*as does our military*. >> China's military is probably ahead, but it's hard to tell how their hacking >> skills compare with the skills that exist in the US today. I can certainly >> see however that a organized force could be more effective. China is a lot farther along than we are. > > And, if our military *doesn't* have cyber-warfare as one of its goals, > then our military is pathetically stupid. > >>One problem is that that military's cyber warfare is not coordinated among >>the Navy, Army and Air Force. It's hard to see why the military is still >>using Windows on their critical systems. The militiary however is putting a >>lot of effort into securing their systems. The military has a set of guides >>called the STIG's (standard implementation guidelines). Having worked extensively with the military (Navy, Marines, and Army), I can attest to the fact that they are indeed stupid. They are very limited in their training as it seems focused on purely military goals and systems. Not to mention that the people making the decisions as to what technology is used have purely political aims in mind. Their most important systems use insecure Windows operating systems and networks. They are way behind the curve when it comes to computer and network security. There are thousands of computers on military bases with access to military networks that could easily be used in DDoS attacks. If I were wanting to effect such an attack on an enemy country, I would use that countries own weaknesses against them (as I would do as part of any military strategy). In this case, one large weakness are the millions of Windows computers in the country and the thousands of corporate Windows networks. All those zombied machines, all those systems waiting for my bots to take control and effect a DDoS (or other cyber warfare). Now as a Linux user, I don't have to worry about my systems or networks being compromised and being a part of a DDoS by anyone. Not that a Linux system can't be compromised, but it's not as trivial as it is with Windows. PGA -- Paul G. Allen, BSIT/SE Owner, Sr. Engineer Random Logic Consulting Services www.randomlogic.com -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
