Security Basics mailing list archives
Strikeback Security
From: nacule () gmail com
Date: 5 Oct 2005 06:10:55 -0000
A counter-strike or strike-back security strategy involves actively attacking Internet users and systems that are attacking your assets. A number of people have written papers and posted opinions on this topic, and almost everyone has a very strong viewpoint. I dont want to get into the ethics and legality of a strike-back security strategy as it would just be beating a dead donkey. But what I would like to know is this, (without any names) does anyone know of an organization that currently employs such a strategy? I read about a late 90s research exercise which claimed that an amazingly large number of fortune 500 companies did actively implement such a strategy. Also, if you know of someone who employs such a strategy, what is the average percentage of collateral damage (i.e where they go after the wrong system/network and as a result bring down an innocent party)? This percentage would generally be low if all strike-back was done manually, but there are automated systems such as the Sidewinder G2 Firewall that allows for an automated strike-back (and I guess some organizations must have developed their own automated strike-back systems as well). I know people are not very forthcoming with this type of information, but I just want to get and idea on how widely and effectively strike-back security is practiced amongst organizations.
Current thread:
- Strikeback Security nacule (Oct 05)