WAR with Bot Net WMDs
By Gerald Internet Anthropologist Think Tank
03.30.09
Red Team, bad guys
Blue team, good guys
Red team has Conficker, 15 million bots.
About 1 million bots per WWW node.
Crash them all 13 at once and the WWW goes down,
almost, as the backbone would be gone but the outer
layers' carrying limits are unknown.
First try, Whack a mole,
Target one node with 15 million bots,
when it crashes target node #2, etc.
If Red team can crash the nodes faster
than Blue team can bring them up,
Red team will eventually bring down the WWW.
The time it takes to bring down the web depends
on this whack-a-mole cycle.
Second try split up bots to hit 3 nodes at a time
And as they crash switch to new node, etc.
Cycle time is much faster but due to limited number of bots
the attack is lighter.
The Blue team is fast shutting down the sub-nodes
with the heaviest traffic of Red team's bot net zombie
PCs. Red team's bots are fast losing contact with command center
and targets as their rails are shut down.
If the Red team can ID slow response nodes those will be
knocked down first.
If all nodes are slow to react or Red team has enough
zombies to take all the nodes down, NO one will be able to
connect to any backbone servers, all links will be made
thru back outer channels.
Limiting speed and traffic volume.
While it might not be possible to actually bring down the
entire net, the Red Team may make it feel like the world
is wired to phone lines not T1's.
And maybe shut down the central section almost completely.
And after the 13 nodes are down the Red team can start
on the outer connections.
Whack a mole. And as nodes are brought up, this also
brings up zombies.
If the Blue team can raise all the nodes at once then they
have a fighting chance, if they have to bring them up
one at a time then it's much easier to take them down again.
Part of the trick seems to be to be on the RIGHT side of
the whack a mole game at the start and stay there.
Expect Red team to couple cyber attacks with kinetic attacks
to physically shut down nodes.
Blue team deploys army to physically protect nodes.
It's not IF, but WHEN.
So far, if memory serves, 9 of the 13 nodes have been
crashed at one time BEFORE.
On the other side, attack methods have increased
attack volume without bot increase.
Lack of exercises regarding this paradigm
opens the door to crushing psyops
involving the attack.
Gerald
Tactical Internet Systems analyst.