RE: How do you become a Cyber Bounty Hunter?

["Rob Shein" <shoten () starpower net>]

I think you're adding too much power to what they had in mind.  They aren't
putting out a reward for freelancers to go hunt these guys down; they're
putting out a reward for people who can provide evidence to law enforcement
that gets them caught.  In other words, "If you know these guys, and rat
them out, we'll pay you big money."

> -----Original Message-----
> From: C Ryll [mailto:carolynryll () hotmail com] 
> Sent: Thursday, November 06, 2003 6:10 PM
> To: pen-test () securityfocus com
> Subject: How do you become a Cyber Bounty Hunter?
>
>
> After a discussion with some people regarding Microsoft's two posted 
> bounties, I understand that cyber bounty hunters are actually 
> available for 
> hire by companies. I am curious what knowledge base, or 
> experience, this 
> type of independent position would require. Where would you 
> obtain this form 
> of security knowledge? Given that MAC and IP can both be 
> spoofed, and that 
> victim systems are often used to launch some attacks, how do 
> you actually 
> get back to the original source?
>
> Note that I am not talking about fundamental security 
> knowledge (I.e., how 
> to secure a system, or determining if/what was on the 
> system), but how to 
> trace back to the origin of the attack while knowing that the 
> IP and MAC are 
> most likely spoofed and/or attacks rerouted.
>
> Respectfully,
> Carolyn.
>
> _________________________________________________________________
> Frustrated with dial-up? Get high-speed for as low as $26.95.  
> https://broadband.msn.com (Prices may vary by service area.)
>
>
> --------------------------------------------------------------
> -------------
> Network with over 10,000 of the brightest minds in 
> information security at the largest, most highly-anticipated 
> industry event of the year. Don't miss RSA Conference 2004! 
> Choose from over 200 class sessions and see demos from more 
> than 250 industry vendors. If your job touches security, you 
> need to be here. Learn more or register at 
> http://www.securityfocus.com/sponsor/RSA_pen-> test_031023
> and 
> use priority code SF4.
>
> --------------------------------------------------------------
> --------------


---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_pen-test_031023
and use priority code SF4.
----------------------------------------------------------------------------