Re: Profiling Hackers..

[Ali-Reza Anghaie <ali () packetknife com>]

On Sunday 06 April 2003 00:57, nigel () 26354 net wrote:
> Are there any organizations that profile hackers and hacker
> groups?

Yeah, the FBI..  ;-)  Among others I'm sure.

> Has anyone used a Honeypot for this type of forensic work?

I recall some work being done to characterize attacks but for the most part 
you'll gets lots of the same. Of course it'd be really nice if something 
like a Distributed Checksum Clearinghouse (anti-spam) could be made for 
Honeypots/Snort/etc. DCC for IDS systems... hrmm.

Not that you could get enough processed in real-time but it might be good 
for future investigation, wider-spread threat identification.

Come to think of it, this must be the way some companies and organizations 
work today.

If I get enough sleep to think straight, I might look into this. Thanks for 
the thought.  ;-)

Cheers, -Ali

-- 
OpenPGP Key: 030E44E6
--
Was I helpful?:  http://svcs.affero.net/rm.php?r=packetknife
--
And, Lord, we're especially thankful for nuclear power, the
cleanest, safest energy source there is, except for solar, which is
just a pipe dream. -- Homer Simpson

Attachment: _bin
Description: signature