Firewall Wizards mailing list archives

RE: Castles and Security (fwd)

From: "Marcus J. Ranum" <mjr () nfr com>
Date: Wed, 03 Jan 2001 19:15:20 -0800

Security Related wrote:

All we can do is spend our time checking that all our troops know thier roles and are skilled in them, listen to the 
local rumor mill and try to get a little advanced notice of impending strikes, and try to second guess our enemy's 
methodology before it happens.


I absolutely disagree.

That's certainly _one_ option. The other option is to go on the offensive.

Imagine if somewhere between 10% and 20% of the "hacker sites" were
actually owned and operated by netcops. Now you've got some probability
of collating who is doing what through traffic analysis. Next, imagine that
toolz are actually fingerprinted, tracked, and designed to accidentally
be vulnerable to traffic analysis. Further, imagine that a significant but
undetermined percentage of the "hackers" out there are actually netcops.
This by itself would not dramatically cut back on hacking -- but what it
would do is separate the hackers from the support infrastructures that
they currently enjoy openly. That'd hurt, slow them down, put them on
the defensive. More importantly again we have the targeting problem: there
would still be plenty of hacking activity going on, but it'd now be an FFZ
they'd be operating in, rather than a sheltering environment in which
information can be easily exchanged. Engaging in unrestricted
information warfare against the hackers would be extremely effective,
I bet. It'd drive the real hard-core operators way underground - which
would further improve the good guys' targeting ability on the rare
occasions the hard cases felt confident enough to stick their heads
up for a second.

Don't misunderstand me and interpret this as _advocating_ we do
such a thing, but it's completely possible. I don't think I'd like to live
in a world where law enforcement does such things any more than most
of the rest of the readership of this list. But it's utterly _possible_.

mjr.


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Castles and Security (fwd) Lance Spitzner (Jan 02)
- Re: Castles and Security (fwd) Talisker (Jan 02)
- Re: Castles and Security (fwd) Darren Reed (Jan 02)
- <Possible follow-ups>
- RE: Castles and Security (fwd) Jürgen Nieveler (Jan 02)
- RE: Castles and Security (fwd) twaszak (Jan 03)
  - RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
    - Re: Castles and Security (fwd) Crist Clark (Jan 03)
- Re: Castles and Security (fwd) Antonomasia (Jan 03)
- RE: Castles and Security (fwd) Stiennon,Richard (Jan 03)
- RE: Castles and Security (fwd) Security Related (Jan 03)
  - RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
    - Re: Castles and Security (fwd) Crispin Cowan (Jan 03)
- RE: Castles and Security (fwd) Lance Spitzner (Jan 03)
  - Re: Castles and Security (fwd) Darren Reed (Jan 03)
    - Re: Castles and Security (fwd) John McDermott (Jan 03)
    - Re: Castles and Security (fwd) Darren Reed (Jan 03)
    - Re: Castles and Security (fwd) M.Schubert (Jan 04)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
  - Re: Castles and Security (fwd) Darren Reed (Jan 03)
    - Re: Castles and Security Title Randy Grimshaw (Jan 04)
  - RE: Castles and Security (fwd) daN. (Jan 03)

(Thread continues...)