WebApp Sec mailing list archives
RE: Hack the hackers :)
From: <stevenr () mastek com>
Date: Thu, 15 Apr 2004 21:15:49 +0530
A very good question, the exact one that is making this paper so controversial. This is what those guys have to say for this "...In regards to spoofed attacks, when there is no positive identification of the attacker (that is, we cannot positively attribute an attack back to its source), deploying defensive countermeasures and reporting intelligence would be most appropriate. However, this decision (and the power to initiate an offensive countermeasure) ultimately resides in the hands of our customer...." May not be the perfect solution for all security problems, but this would make script-kiddies and saboteurs think twice before hitting a competitors network if they are going to have their own network washed out in retaliation. Regards, Steven Rebello -----Original Message----- From: Kevin Hammond [mailto:kghammond () nrscorp com] Sent: Thursday, April 15, 2004 9:07 PM To: Steven Rebello; webappsec () securityfocus com Subject: RE: Hack the hackers :) How do you attack the attackers, if the attackers are attacking from a compromised network??? Kevin Hammond Network Administrator NRS Corporation 608-273-4665 x223 http://www.nrscorp.com/ -----Original Message----- From: stevenr () mastek com [mailto:stevenr () mastek com] Sent: Thursday, April 15, 2004 6:08 AM To: webappsec () securityfocus com Subject: FW: Hack the hackers :) Hi folks, Came across this paper "On the Rules of Engagement" from Symbiot Inc proposes that a strong network defense system is not deterrent enough. They suggest countermeasures by "returning fire" against the attackers network, basically attack the attackers networks. If I am not mistaken, this is the first time such an approach has been formalised. Its gonna be worth seeing how this is taken forward. http://symbiot.com/media/iwROE.pdf Heres an interesting interview by onlamp.com with the writer of this paper http://www.onlamp.com/pub/a/security/2004/03/10/symbiot.html Regards Steven Rebello MASTEK "Making a valuable difference" Mastek in NASSCOM's 'India Top 20' Software Service Exporters List. In the US, we're called MAJESCO ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Opinions expressed in this e-mail are those of the individual and not that of Mastek Limited, unless specifically indicated to that effect. Mastek Limited does not accept any responsibility or liability for it. This e-mail and attachments (if any) transmitted with it are confidential and/or privileged and solely for the use of the intended person or entity to which it is addressed. Any review, re-transmission, dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. This e-mail and its attachments have been scanned for the presence of computer viruses. It is the responsibility of the recipient to run the virus check on e-mails and attachments before opening them. If you have received this e-mail in error, kindly delete this e-mail from all computers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2004 NRS Award and NRS Conference Sept 8-9 Applications are available. Go to www.nrscorp.com.
Current thread:
- FW: Hack the hackers :) stevenr (Apr 15)
- Re: Hack the hackers :) A.D. Douma (Apr 15)
- <Possible follow-ups>
- RE: Hack the hackers :) Kevin Hammond (Apr 15)
- RE: Hack the hackers :) stevenr (Apr 15)
- Re: Hack the hackers :) Walter Wart (Apr 15)
- RE: Hack the hackers :) Tom Martin (Apr 15)