2.3 Worm Propagation

Worms already pose one of the biggest threats to the internet. Currently, worms
such as Code Red or Nimda are capable of infecting hundreds of thousands of
hosts within hours and no doubt that better engineered worms would be able
to infect to reach the same result in a matter of seconds. Worms propagating
through P2P applications would be disastrous: it is probably the most serious
There are several factors which make P2P networks attractive for worms [13]:
• P2P networks are composed by computers all running the same software.
An attacker can thus compromise the entire network by finding only one
exploitable security hole.
• P2P nodes tend to interconnect with many different nodes. Indeed a
worm running on the P2P application would no longer loose precious time
scanning for other victims. It would simply have to fetch the list of the
victim’s neighboring nodes and spread on.
• P2P applications are used to transfer large files. Some worms have to
limit their size in order to hold in one TCP packet. This problem would
not be encountered in P2P worms and they could thus implement more
complicated behaviors.
• The protocols are generally not viewed as mainstream and hence receive
less attention from intrusion detection systems.
• P2P programs often run on personal computers rather than servers. It is
thus more likely for an attacker to have access to sensitive files such as
credit card numbers, passwords or address books.
• P2P users often transfer illegal content (copyrighted music, pornography
...) and may be less inclined to report an unusual behavior of the system.
• The final and probably most juicy quality P2P networks possess is their
potentially immense size.
Once worms finish propagating, their goal is usually to launch massive DDOS
attacks (W32/Generic.worm!P2P, W32.SillyP2P, ...) against political or commercial
targets (whitehouse.gov, microsoft.com, ...).

No comments:

Post a Comment

Hi thank you for comment in Assignment Lanka " Book Mark on me' To future references.

Note: Only a member of this blog may post a comment.


" Temporary " means that every project has a definite beginning and a definite end. The end is reached when the project's ob...

Assignment Lanka Populer Posts ever