Web Parasites

[Ahmik]

Internet Week 

** Web 'Parasite' Is Hatched

Free computing power is available on the Internet, but you have
to resort to some chicanery to get it. Researchers at the
University of Notre Dame have discovered a way to trick Web
servers into helping them solve computational tasks by taking
advantage of the Internet's TCP/IP data-transmission protocol.

The technique, which they've dubbed parasitic computing, involves
breaking a computational problem into discrete elements that are
computed by the computer's checksum, a mathematical function that
TCP/IP carries out to ensure transmitted data hasn't been
corrupted in transit. Separate servers solve different parts of
the problem, and their answers are combined for the solution.
Although the technique is inefficient, and therefore unlikely to
be used, some experts believe it could be improved upon by taking
advantage of more advanced computations that Web servers
automatically do, such as encryption.

Eugene Schultz, research director for Predictive Systems Inc.'s
managed security services division, says that in 1989, IP
spoofing, a technique used by system crackers to masquerade as
trusted hosts, was new and considered esoteric. Few security
professionals at the time thought it could be used to compromise
computer systems. Today, IT spoofing is widely used to break into
computer systems. He believes parasitic computing also will
become widespread. Just as human hosts often don't know they're
infected by parasites until they become ill, networks targeted
for parasitic computing may not show any symptoms until
bottlenecks become evident.

This possibility has prompted one of the Notre Dame researchers,
Albert-Laszlo Barabasi, to devise rules for the open-source
intrusion-detection system called Snort, so that attempts to
target hosts using their technique can be identified and foiled.
More information on parasitic computing and Snort can be found at
http://update.informationweek.com/cgi-bin4/flo?y=eEd50BiXrO0V20SXh0AW
- Jason Levitt