RE: Profiling Hackers..

["Toby Miller" <toby_miller () adelphia net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am/have worked on profiling/rating your enemy. The work I have done
can be found at www.ratingthehacker.net.

                        Toby

On Sunday 06 April 2003 00:57, nigel () 26354 net wrote:
> Are there any organizations that profile hackers and hacker
> groups?

Yeah, the FBI..  ;-)  Among others I'm sure.

> Has anyone used a Honeypot for this type of forensic work?

I recall some work being done to characterize attacks but for the
most part
you'll gets lots of the same. Of course it'd be really nice if
something
like a Distributed Checksum Clearinghouse (anti-spam) could be made
for
Honeypots/Snort/etc. DCC for IDS systems... hrmm.

Not that you could get enough processed in real-time but it might be
good
for future investigation, wider-spread threat identification.

Come to think of it, this must be the way some companies and
organizations
work today.

If I get enough sleep to think straight, I might look into this.
Thanks for
the thought.  ;-)

Cheers, -Ali


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPpBGXFLhpjRJgUE5EQIyAACgqhdYtY/VXGkkOskQhrckFGlwhGAAoJBJ
hS58Nf539rITHssgvcklZpDH
=P3wU
-----END PGP SIGNATURE-----