DIY Hardware Botnet

gumstix board

Here's a crafty idea I had for a small, clandestine network of servers. GumStix sells tiny linux computers about the size of a stick of gum. They weigh about a quarter ounce - less than two teaspoons of water - and require very little power to run. They can also be configured to connect to WiFi or ethernet networks and set up like any other linux server, using a few cheap gigs on an SD card. All you need to do is set it up to automatically connect, enable remote access and connect it to a network somewhere. Voila, hidden server not easily traced to you, and because of it's small form factor it's easy to hide.

I came up with a couple ideas for setting up the botnet. We'll want to hide them on a lot of different networks, make sure they're always connected, and always have power. All over the world, ideally, and we don't want to do a lot of sneaking around to install them. Simplest idea I've had so far is to buy a bunch of cheap broadband/Wifi routers and put the gumstix PC inside the case. It has power, it's safe and dry, they're almost always online. Cover up one of the ethernet ports with a piece of PCI slot cover and connect the pins to your little server. Fiddle with the firmware on the router to allow it to invisibly access the net, then sell it on eBay UK.

Most Joe Bob Anybodys aren't going to open up their router to poke around, even if they did one more tiny green board is unlikely to arouse any suspicion, it's not like consumers pour over the circuit diagrams of their stuff. The UK is saturated with cheap broadband right now, so the router's likely to be plugged in to at least four megabits, sixteen if we're lucky (or we make our own luck). If you keep the server's bandwidth use moderate Joe Bob's highly unlikely to notice anything amiss :-)

Admittedly this is a fairly expensive way to go about building a personal botnet, but I it has advantages in terms of building web hosting swarms, and it sidesteps most of the issues you'd have to deal with when setting up a net. Compromised PCs can be turned of, get spyware infections, get replaced more often than routers and are not a good place to hide a bunch of files you're publishing.

Another idea is to do the same thing with a network printer, those big office printers that connect directly to the network rather than through a PC. The drawback to this is that business are more likely to have a clued-up IT department watching (and auditing) network traffic. But... who's going to suspect that the printer is up to no good? Watching. Listening. Projecting cold, critical malice from it's little LCD display, blowing whispered curses out the exhaust fan. Its hatred can be felt, warm to the touch, on every fresh page that slides out of it. No one ever suspects the printer.

But I digress. Newbie admins, take note. Printers are a serious risk to sensitive data and overall security. They know all about your documents before you can even put them in a folder marked Top Secret. It's been done before, during the cold war the CIA had Xerox technicians install a camera in the Russian Embassy's photocopier in Washington. Imagine the implications of a compromised printer in a bank or your small, local stockbroker's. But I'm more concerned with making a distributed hosting setup.

With WiFi in the mix the possibilities multiply. By playing the part of 'repair guy' they could be installed in electric signs, street lights, etc inside a weatherproof case (marked with *dire* warning labels) within range of hotspots. But that seems like more work than just posting them inside of cheap plastic routers.

Then again, I don't actually have use for a botnet, it's fun to work out some options :-)

. . . Image credit cs.gmu.edu, Academic Free Licence

Created 2006-11-01 01:06:21 by 340 and filed under hacking

Comments

marday writes...

Hublot watches replica
IWC watches replica
Jaeger-LeCoultre watches replica
omega watches replica
Panerai watches replica
Parmigiani Fleurier watches replica
Patek Philippe watches replica

posted: 2011-02-23 01:06:13