"Hacker Baiters"
Results 1 to 7 of 7

Thread: "Hacker Baiters"

  1. #1
    Senior Member
    Join Date
    Feb 2004
    Posts
    373

    "Hacker Baiters"

    Here is an interesting read on a new line of defence:

    "Hacker baiting solutions are set to discourage even the most sophisticated attacker by feeding him a raft of false information and painting completely false pictures of target computer systems."

    "Early evidence is that hacker baiting could soon be seen as the first line of defence in a security infrastructure for companies of all sizes."

    "If these systems are installed accordingly to the standard policy, they look like everything else on the network. So fingerprinting based on emulation is impossible since nothing is emulated."

    http://allafrica.com/stories/200406170701.html

  2. #2
    Senior Member
    Join Date
    Nov 2003
    Posts
    107
    It seems like a big, great idea, but I don't see any info on implementation or any current designs that currently work. I think it'd be a great idea if it worked, but, if systems broadcast false information....how are legitimate systems supposed to work? It would seem that implementing conventional methods and securing your network presently would be as cost-effective as trying to fake being some other network.
    Is there a sum of an inifinite geometric series? Well, that all depends on what you consider a negligible amount.

  3. #3
    Senior Member
    Join Date
    Jun 2004
    Posts
    112
    I have seen many people talk about fooling scanners from fingerprinting their network by re-writing the way the tcp-ip stack answers requests, thereby leading an attacker to believe that the target sytem had a completely different os than it actually does. While this may seems crazy to some it all depends on how far you want to take security. I actually think that this "hacker baiting" thing sounds like a pretty good idea. It will definately make crackers look at how they break into sites/networks if this does get implemented and spread throughout. But then again as is always the case someone wil find work arounds and ways to fingerprint systems but hey if it slows them down and you catch wind of it, it will allow you to prepare.

  4. #4
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,836
    doesn't a honeypot have a similiar goal?

  5. #5
    Wasnt there a Linux Program with the same ides?Called portsentry, Opened a heap of fake Ports with ability to block log and counter an attack

  6. #6
    Senior Member
    Join Date
    Feb 2004
    Posts
    373
    reaper44, looks like porsentry will send the port scanner to a blackhole, not actually change the appearance of your network, like this hacker baiting. Will be interesting to see if this works consistantly, and realiably


    -----------------------------------------------------------------------------------------------------------------------------------------------------------
    Linux Only features:

    Port Sentry can capture packets on Linux making it capable of detecting "stealth" scans that the default port binding method will never see. It also makes it unnecessary to bind to the ports you wish to monitor.

    Pros:

    Stealth scan detection on Linux.

    Cons:

    A port scan detector that binds to ports is a terrible idea. It advertises services (usually those that are known to be hackable, which is why Port Sentry binds them in the first place) that aren't there, making your server seem like a hackers goldmine. This forces you to use Port Sentry's counter measures (routing the port scanner to a blackhole or bringing up a firewall rule to blck the attacker).
    -----------------------------------------------------------------------------------------------------------------------------------------------------------
    http://www.linux.ie/articles/portsen...rtcompared.php

  7. #7
    Senior Member
    Join Date
    Jun 2004
    Posts
    281
    This sounds like a great idea. I actually thought about this idea a bit ago (implementing it was a different story) but I am happy to see I wasn't the only one that thought of this idea. True I didn't create it but I knew it could be done.


    - MilitantEidolon
    Yeah thats right........I said It!

    Ultimately everyone will have their own opinion--this is mine.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •