From: | Tzeentch tzeentch666@*********.net |
---|---|
Subject: | The Matrix: Gearhead Discussion |
Date: | Mon, 29 Nov 1999 18:56:22 -0800 |
> wrote and it was very well thought out. I do agree with several of your
> points. But the above statement might let me make my point perfectly.
<ducks for cover> Well at least this discussion is not semi-degenerating
into flamewars like my posts on the Deep Resonance forums (I must have a
real low online Charisma...)
> Classified data packets are quite possibly passing over my backbone router
> now since I'm in a University. No I can't see them, and it would take a
bit
> of effort to see them, let alone get to them. However, I can see the
router
> itself. If I started flooding that router with enough crap, all of the
data
> going to it is going to eventually get held up. That includes the basic
> stuff that I can see and the classified stuff that I can't.
Well actually a lot of universities are right on the internet backbone so
they may very well see these packets zipping around - you won't since the
routers upstream of you throw it out before it gets to you.
Yes you could flood the router simply by sending gigantic amounts of spam to
anyone on their network. But YOU have to have the bandwidth as well. IE if
you're on a 56K connection good luck saturating someones T1 line. You COULD
get a shell account and do it (but THEY have to have the bandwidth too...).
I agree, you could cause some problems this way, but the average Joe Decker
will not have access to the bandwidth to pull some stunt like this. Now a
lot of Joe Deckers on the other hand....
> Now if I would try to do that to each router in the Aztech pyramid, I
could
> get the same effect. I probably wouldn't know all of the different types
of
> data that are going in there. But its all data, and it has been
established
> that they all go through the Matrix. I'm not looking at it as a "metaplane
> of data" either. I'm looking at it as there are a few big rooms in that
> pyramid where all of the fiber optic goes in from the outside world and
> gets routed throughout the building. If you can cause enough spam, hang-up
> phonecalls, router traces and what have you to go through that set of
> routers, you can get them to shut down.
Well if you knew all the networks (assuming the future still uses such
things) you could try to spam all the routers. Depending on how "smart"
future routers are and how connections are identified they could just perm
ban all traffic from certain addresses (might not be a problem so much with
deckers since their ID codes are intentionally munged).
Or better yet, they have a LOT more bandwidth then you probably do. They
could do a reverse resolution and start spamming YOUR network. That would be
a standard Trace/ICE function (see, some of the decking system makes perfect
sense). It's difficult to hide the origin of your traffic (yes it can be
done) but that's what Stealth represents eh? I'm sure your Matrix provider
would not take kindly to users causing these sort of problems and might even
start implementing bandwidth caps to prevent abuse (cablemodem companies are
doing this now to discourage everyone and their pet monkey from setting up
warez ftp sites).
I agree, you could technically spam them into oblivion. What are other
peoples thoughts on the technical merits of this? Without any data (at ALL)
on how deckers connect to the Matrix (they have to have an account with
SOMEONE, even a fake one) it's hard to postulate how they could be traced or
blocked.
For important routers and such...my bet is if this becomes a problem they
would just plain ignore all traffic except from certain trusted sources
(other backbone connections, UCAS Online users, whatever). That way Joe
Decker with Local Matrix Provide X would have to work harder to cause
problems (and most 'hackers' are way to lazy to work).
I concede your point though. It COULD work.
> In fact, the corp will even help you with their own security measures.
From
> a physical wiring and security standpoint, its easier to send signals
> through a few key chokepoints. If the company controls access to those,
> they can control access to their system. What you do is block the access
> between their system and the rest of the world. Its like all of your
> plumbing in your house is working fine, but there's a big block between
the
> city water and your main pipe. As long as no water is coming in from the
> outside, doesn't matter how good your other plumbing is.
Again, depending on the tech and how their network is set up they could
start using vanishing SANs and other uplink/downlink methods that you may
not know about all.
System Admin A: "Damn, all the routers are at 100% saturation AGAIN this
week. I though the ICE division plugged all the holes in the routing
algorithm?"
System Admin B: "Bah, those losers are probably still working on that
Marilyn Monroe icon for their new Trace program - the knobs... Guess the new
exploit for their last fix has already hit the decker nets. Don't remember
seeing it during my last sweep of the pirate boards, must have missed it..."
System Admin A: "Blah, any second now those uncultured worms from marketing
will be calling asking why they can't access their stock portfolios."
System Admin B: "Switch to the backup network, not as much bandwidth but it
will do the job ok. And send a routing update to network operations so that
they know to put the backup public sites online."
System Admin A: "Yah, I'll also get NetSec to do a sweep looking for the
fools who released the exploit this time, nuyen to optisoft it's that
Hoosier Hacker group.."
These backups could be anything from a leased line usually used for
diagnostics to cell connections and satellite uplinks. You might block
people coming IN but it would be hard to block all traffic going OUT. They
could bring backup sites online, update the global registeries in the LAN to
point to the new addesses and people might not even notice the difference.
In the meantime they would be able to spend time tracking you down (And
having attacks constantly "on" does not sound like a good plan - unless you
have money to burn as they kill your frames and knowbots).
> I hope this explains what I was trying to say a little better.
It's doable as you describe. But since you don't see that sort of thing
happening today overmuch (usually they exploit a flaw in the hardware or
software until it's patched) I don't imagine it become ultra-common in the
future. I'll ask a friend a lot more knowledgable in exploits of this kind
and see what he thinks.
Cool discussion though, got me thinking about a lot of aspects of the SR
decking scene that have been a little..err.underdescribed (like where
deckers get accounts to log on with).
Ken
Ebola Monkey Hunter Z
> Sommers
> Insert witty quote here.