lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: mfratto at nwc.com (Mike Fratto)
Subject: Counter-Attacking hackers? Is this really a good idea?

 
> > Are these guys nuts? I'm not sure if this is a good
> > idea or not.
> 
> Oddly enough, this *has* been discussed...at length. 
> That doesn't mean that it's not worth discussing
> more...

It's a bad idea for a few reasons. First, you don't know where the attacker
is. Just because packets are coming from an IP address, doesn't mean that is
the computer the attacker is sitting. It could be any number of compromised
computers the attacker uses to hide their trail. So you end up attacking an
innocent computer. Second, attacking a computer is illegal. Third, attacking
an attacker doesn't do a whole lot to really stop the problem, which is
basically if you got rooted, then your computer is poorly protected. Try to
solve the root problem.

Spend your time protecting your systems, learn the relevant USC codes to
prosecuting attackers, learn how to gather data for prosecution, report
problems to your ISP and the offending ISP, and contact, if appropriate, the
authorities. That's a better use of your time.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ