lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: dan_20407 at msn.com (DAN MORRILL)
Subject: Counter-Attacking hackers? Is this really a good idea?

It is interesting that this has come up.

Currently there are a number of folks considering an idea called "active 
defense" which is basically hacking the hackers. There have been a number of 
legal viewpoints on this from basically no, to a "tresspass" issue where in 
tresspass it is ok to then do what you need to do. There is interest from my 
knowledge only in this from the city/state/federal level because of critical 
infrastructure. IE If the hacker is owning your 911 system, then you have to 
take them out to get control of the 911 system back.

Admitted, keeping up to date on patches (regardless of OS), keeping in the 
loop in general is a good thing. But there are interesting papers on "active 
defense", and this has been circulating for more than a year that I am aware 
of. I was not aware that someone had made any progress on a technology other 
than policy/procedure.

Thanks for the info, liked this thread.
r/
Dan



>From: Joe Stewart <jstewart@...hq.com>
>To: full-disclosure@...ts.netsys.com
>Subject: Re: [Full-Disclosure] Counter-Attacking hackers? Is this really a 
>good idea?
>Date: Mon, 8 Mar 2004 10:05:35 -0500
>
>On Monday 08 March 2004 9:06 am, Harlan Carvey wrote:
> > Oddly enough, this *has* been discussed...at length.
> > That doesn't mean that it's not worth discussing
> > more...
>
>Here's one of the better papers I have seen on the ethics of the
>counter-hack. And I'm not just saying that because a friend wrote it :)
>
>http://www.lurhq.com/ethics.html
>
>
>-Joe
>
>--
>Joe Stewart, GCIH
>Senior Security Researcher
>LURHQ http://www.lurhq.com/
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html

_________________________________________________________________
Frustrated with dial-up? Lightning-fast Internet access for as low as 
$29.95/month. http://click.atdmt.com/AVE/go/onm00200360ave/direct/01/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ