--- Michal Zalewski <lcamtufat_private> wrote: > On Thu, 16 Aug 2001, Stuart Staniford wrote: > > > We argue that a well-prepared and well-designed worm could infect > all > > vulnerable Internet servers in less than thirty seconds - something > we > > are calling a Flash Worm. > > While I'm impressed with publications like this, and I am sure we > should > think seriously of scenarios described there, I hardly believe in "30 > seconds" or "15 minutes" or any similar scenario for few reasons... People often ask me "what motivates people to write worms". The above discussions highlights one of the prime motivations. In the scientific community, we don't believe theories and propositions, only experimental evidence. Therefore, to prove that somebody can take down the Internet in 30 seconds, you actually have to do it. Otherwise, nobody really believes you. For example, everyone talked about the dangers of DDoS attacks, but people didn't really pay attention until Yahoo went down. I agree with Michal -- the Internet is surprisingly non-linear in behavior. It doesn't mean Stuart's work is wrong, just that we won't really know for sure until somebody does it. Ultimately, it isn't the researchers that will get credit for such things, but the cyberterrorists who actually carry out the attacks (e.g. Mafiaboy) and prove they work. __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Aug 18 2001 - 10:22:36 PDT