Posts Tagged botnet
As 2011 draws to a close, I wanted to take a moment to thank everyone who has helped me this year. It has been an amazing year! Here’s a short list of my highlights:
– In January I gave a SIP Tutorial for the FCC staff in DC. It was a great event, and hopefully I will get another chance to do it again in 2012. The FCC has lots of VoIP and SIP work to do with the transition of the PSTN and E911 to all VoIP. Hopefully we can soon end the ridiculous subsidies for rural telephone service and instead use them to subsidized high speed Internet service for rural areas. My friend Henning Schulzrinne was just appointed Chief Technology Officer, so I know the FCC is in good hands technically. I also enjoyed giving the SIP Tutorial in Miami, Sydney, and Austin.
– In February I published my first novel, a Techno thriller about a massive attack on the Internet that gives this blog its name – Counting from Zero. Little did I know how much hacking and security stories there would be in 2011. Some have even called 2011 the Year of the Hactivist, which is hard to argue with. Overall, I couldn’t be happier with the response to the book. Thank you do much to anyone who has read, reviewed, tweeted, or blogged about it – I am very grateful. Look for more book news in early 2012…
– In March I participated in my first robotics competition. The experience was amazing, and I look forward to the start of another build season in just over a week!
– In April, the ZRTP VoIP media security protocol was published as an RFC by the IETF, after 6 years of hard work. Editing this document is my small contribution to making the Internet more secure. Here’s to more adoption and deployment in 2012.
– In May the RTCWEB Working Group was chartered by the IETF. The work is progressing slowly but steadily. I expect more progress in 2012, and hope for some strong security to be built into the protocols – lets show that we have learned something over the years…
– In June, I participated in the first ever SIP Network Operators Conference or SIPNOC for short. It was a great success and really shows how SIP has grown up. I am privaleged to have another term on the Board of Directors of the SIP Forum. With the publication of SIPconnect the SIP Trunking recommendation, the business use of SIP continues to grow and expand.
– In November, I has my first experience as a cricket coach. My son started the Priory Amateur Cricket Association or PACA as a club at his school. It has been a blast so far helping the boys learn the basics of cricket. They have done a great job, although we need to reduce the number of no balls! In 2012 we plan to play a one day match against a local cricket club.
So, here’s to 2011 – it was definitely an interesting year! I hope it was a good one for you and yours. Here’s to 2012!
In my techno thriller Counting from Zero, I write about a botnet, short for robot network – a group of compromised computers organized using the Internet to act in coordinated ways. These ‘bots are used to launch packet flooding attacks called distributed denial of service attacks, or DDOS. In short they are bad news, and my protagonist invests considerable energy in tracking down the botnet to try to neutralize it.
Today, I’m writing about a very different ‘bot – a robot that I have helped build as part of the robotics club at my son’s school. I’m taking the day off work to help setup in readiness for tomorrow’s robotics competition.
This is my first year as a mentor of roborebels robotics club at St Louis Priory School, Team #1329 FIRST Robotics Competition (FRC). For the past 7 weeks we have been constructing the robot and writing the Java software to control it. I have really enjoyed the experience. From watching the kickoff video, reading the rule book, brainstorming the design, to actually constructing and driving the robot: it has been great! I’ve been really impressed with the way the high school kids have taken on the challenge. At the start, it is obvious some have never used power tools before, but by the end, they don’t think twice as they move from the drill press to the chop saw.
This year’s game is called “Logomotion”, and the robots have to hang inflated tubes on pegs on the wall. It should be a lot of fun! The day when we hung our first tube on a hook 10 ft (3m) up in the air was really a thrill. Now we will see if we can do it in the competition!
After spending a day getting our robot ready and practicing the game, I’m just amazed at the variety and creativity of all the groups. We all started with the same goals and description, but came up with so many different designs, shapes, and styles. Now, I can’t wait for tomorrow’s competition. And it is nice to be working with a good ‘bot for a change.
I came across this article the other day thanks to my friend Olle, who’s blog “VoIP Forum – Open Source and Open Standards in IP Communications” is often filled with interesting information about my industry.
It is entitled “A Distributed Cracker for VoIP” and it is a real life example of how some of my interests are coming together. The article mentions a botnet (short for a robot network – a collection of ‘zombie’ computers that have been taken over by someone), P2P (peer-to-peer) message routing, and VoIP (Voice over Internet Protocol – putting voice and phone calls over the Internet). And BTW, “cracker” doesn’t refer to the food, it means a password cracker or breaker.
If you have read or heard about my new techno thriller Counting from Zero, all these topics will be familiar, as they all form part of the plot in the book! The additional thing this article adds is a mention of SIP or Session Initiation Protocol, which really brings it all together for me! For a hint why, check out my Author Page at Amazon…
My professional life over the past 13 years or so has revolved around SIP. SIP is an Internet protocol – a way that computers establish voice, video, or other sessions over the Internet for communication. It has been widely adopted in Voice over IP (VoIP) and also in video conferencing services. Most telephone companies today are deploying Internet Protocol (IP) networks and running SIP over it to carry phone calls. For the past 10 years or so, my home has never been without a “SIP Phone” on my desk. A SIP Phone looks like a normal telephone, with a handset, a keypad, and a ringer, but instead of plugging into a telephone jack, it has an Ethernet jack and plugs into the Internet! Wherever on the Internet I plug in the phone, it has my identity and I can place and receive phone calls.
Above is a picture of a SIP phone made by my employer, Avaya, which is used in corporate offices. Many of you will recognize the Cisco phones that have become the staple telephone prop in television and movies – these phones are all VoIP phones, and many are also SIP phones.
The blog post “A Distributed Cracker for VoIP” is about a botnet with P2P routing that uses zombie computers to discover and attack SIP VoIP phones and systems (known as a PBX or Private Branch Exchange) by trying to guess the passwords. And the results are sent back to a shadowy command and control center for the botnet. I’m sure there will be more and more of this in the future.
Interesting how various interests can come together like this – something that happens a lot with the Internet.
First, I needed feedback from readers, so I enlisted various friends and family, some in the publishing industry, some not. My brother Chris was an early reviewer and gave me good feedback on the part on the water. (I’m being deliberately vague for to-be readers who haven’t yet read the book!) I made quite a few tweaks and changes, and fixed seemingly a million typos and nits. I probably went through four major drafts over a period of about eight months. Fortunately, I had my IETF (Internet Engineering Task Force) standards writing experience behind me, which had taught me how many revisions are sometimes needed before something is ready for publication. I often describe IETF standards work as the ultimate peer reviewed documents. For example, one of the documents I co-authored underwent 21 revisions over 9 years before it was finalized and published as an RFC document! (Here is only the latter part of the journey!)
Once I felt I had the manuscript ready, I had it copyedited and proofread. I then wrote a one page ‘query letter’ to literary agents and began sending it all over. I was shocked at how many agents will not accept a query from email! They actually require you to kill a tree, pay money to the postal service, and have it delivered as snail mail – just so they can read it on a piece of paper! I didn’t query any of those agents – if they are so last century in their business methods, would they even appreciate my high tech thriller? Not likely! I probably sent out about 120 queries in total. I ended up getting about a dozen requests for a partial or full manuscript. Then I waited… and waited… and waited.
Then the whole Wikileaks Internet wars started. I knew something amazing was happening when I saw a USA Today headline that mentioned botnets! The timing was right, and I could not wait forever (or more than 8 weeks) for someone to skim a manuscript. I did eventually talk to one helpful agent that was interested, but she warned me that it would be about 6 months before she could get to work on it, and then it would likely take 12 months to land a publisher, and then it would likely be 12-18 months of publisher rewrites, edits, and process delays before it would be published! And I thought the 6-8 month times I have had with my technical book publishers, Artech House and Wiley, was a long time! For technology topics, these timelines are outrageously long!
So, I decided to take the plunge and self-publish. It was not as difficult as it might seem, although writing the promotional material was really, really hard. I had some help from friends in the industry, but that was definitely the hardest part. I used an app from Amazon called ‘kindlegen’ which worked pretty well to product a .mobi file from a .html source file. I was also pleased to be given the opportunity to sell my work the Amazon Kindle store without any DRM (Digital Rights Management), but that is a topic for another day…
I used the excellent online tools at Smashwords (great name!) to generate the other eBook formats, and I was quite happy with the results there, although there are a few font issues that I wasn’t able to fully resolve in all formats. The community at Smashwords seems really great as well, and I look forward to getting involved there.
For me, the two best things about self publishing are that I kept creative control of the book (there isn’t anything in there I didn’t want) and that I published on my timeline, not anyone else’s.
So right now I am quite happy with the experience, and getting feedback from friends, family, and people I don’t know about my book is just the best! Next time I’ll share some thoughts about my experiences using social media to promote self-published eBooks.
I started writing Counting from Zero about a year ago on a high speed train heading out of Tokyo – sound familiar?
The book was really born much earlier. I had previously written four technical books and enjoyed the experience greatly. But the subject matter, Session Initiation Protocol or SIP, was extremely narrow and technical, and so not of interest to very many people. I had been thinking for a while about writing a book for a wider audience, and I was thinking along the lines of Internet security. Then I got the idea of trying to incorporate some useful technical information into a work of fiction.
I had written various pieces of fiction over the years, but just for my family and friends. (There are a few Star Trek fanfic stories out there that hopefully will never find their way to the Internet!) Instead of thinking about the plot, I first thought about the characters. This was a lot of fun! Once I felt like I knew Mick, Kat, Lars, Gunter, and Liz, I started getting ideas about situations I wanted to put them in, and the plot began to take shape. I re-read some of my favorite authors such as Jane Austen, Neal Stephenson, and Mark Twain for inspiration. At the suggestion of my best friend from high school, Steve George, I added the Security and Other Lies blog chapter interludes. The book slowly took shape.
I wrote most of the book while traveling: on airplanes, in hotel rooms, in airports, and on trains. I have spent time in nearly every setting of the book.
Then, I reached that place of decision: what to do with the Counting from Zero manuscript once I had a draft complete. Next time I’ll talk about how I became an eBook publisher.