On Mon, 12 Sep 2005, Suresh Ramasubramanian wrote:
On 12/09/05, Joel Jaeggli <joelja@darkwing.uoregon.edu> wrote:
It doesn't scare us... ever try nmaping a /48?
one host at a time? from a single point? nope - once v6 becomes common enough someone will just write a nice little distributed botnet to propagate around it.
Drop me a line when your botnet finishes scanning 3FFE:0000::/16 and moves on to 2001:xxxx:: Probing for hosts isn't realistic. That doesn't rule out other resource discovery methods obviously, in fact it insures that they'll have to be used...
who wants nmap when all you need is to throw enough common exploits blindly at a series of hosts?
the era of carefully crafted exploits against a single large host is almost dead, except for really high value hosts.
botnets are kind of an industrial revolution in this area
For v4 space, spray and pray works well enough...
digital set-top boxes and tv's that need bi-directional communication to unwrap drm, That's order of a billion or so devices in the US over the next 10 years.
a TV botnet will probably leave your channel locked onto a 24x7 feed of Barney the big purple dinosaur and ... AAAH THE TENTACLES
But seriously, computing power that people would use for moon landings
Uh... lunar module computer (1969), 5000 transistor cpu, 74k rom 4k ram.
a few years back is available on ubiquitous home devices that were never intended to be connected to the internet.
Even low end parallax basic stamps have more horsepower than that.
Security is something that really must be taken into account now, before it starts to become a problem
It's already to late, to stop it before it's a problem.
--srs
-- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2