|
-
May 20th, 2004, 09:48 PM
#1
Readers Say It's OK To Strike Back At Hacker Attacks
I just love a good controversy.
Security Pipeline readers came out in force to defend the notion that the victim of a hacker attack has a right to strike back against his attackers.
- Yes, the best defense is a good offense.
68% - 1155 votes out of 1697
- No, vigilante justice is wrong.
32% - 542 votes.
Pro's
"Attacking someone while they are in the act of attacking you in an attempt to stop the attack is not vigilantism. Its just plain self-defense."
"Don't shoot at me and I won't shoot at you. A person has a right to self-defense, especially when there is no one else to protect you."
"The fact is, victims should be able to see justice in the form of convicted attackers or monetary retribution. But, who is out there working for victims? Vigilante justice is always wrong, and in this case, worse because the true attackers are difficult to find. There needs to be more co-ordinated and legally defined methods of finding and prosecuting malicious hackers."
Con's
"The problem is that no self-respecting cracker uses their own system to stage an attack. Normally they bounce their packets though an unsuspecting party's misconfigured proxy server or through a box they've already rooted. Obviously, striking the system of such an unsuspecting party thinking they are the attacker would cause serious problems. It's akin to shooting at a suspected intruder in the dark and hitting a family member."
"1. Many attackers will route their exploit through a different IP than their own. Good luck finding them. 2. Given the nature of cyberspace, someone will figure out how to redirect the attack. 3. Resources would be better spent protecting systems and educating users 4. The same attack will be re-engineered and replayed on everyone else. 6. Vigilante justice, in this case, is just plain stupid.'
There is more comments at the Source
\"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
Author Unknown
-
May 21st, 2004, 01:42 AM
#2
Banned
I bet 95% of the readers' idea of striking back is ping -t in a windows command prompt. Unless you know what you are doing, and can prevent or slow the attack. Don't do it.
-
May 21st, 2004, 02:04 AM
#3
Moxnix,
Hopefully the folks will not only read the "nail-em" part but also:
..."no self-respecting cracker uses his own system..."
Obviously, there will be a lot of road kill along the way with self-imposed justice. I would rather that they let the back-orifice meet bubba and his friends. Why not offer them up as a cracker sacrifice to the G-Men?
cheers
Connection refused, try again later.
-
May 21st, 2004, 04:06 AM
#4
Originally posted here by ac1d[YICS]
I bet 95% of the readers' idea of striking back is ping -t in a windows command prompt. Unless you know what you are doing, and can prevent or slow the attack. Don't do it.
Heh, yeah as if that'll do much. But then again the average PC user wouldn't know much about attacking back so what do they think ping -t would really do to the hacker? I don't really know what to expect from average joe attacking back at a cracker/hacker other than what they could have read and like you pointed out, they probably wouldn't know what they are doing.
-
May 21st, 2004, 08:37 PM
#5
At the same time...
Is it safe to argue that someone with knowledge to attack back would also be "self respecting" and compare some things. Like the attacking source address against known proxies, black listed URls etc. Even determine if it is a proxy? Then perhaps they would be "self respecting" enough to scan the port range looking for immediate notices of infection using casual and well known fingerprints? Then this "self respecting" defensive person may determine the likely hood that they have reached a zombie, them go from there. Perhaps in most cases this cracker is some scriptie operating from his DSL/Cable modem. Perhaps the opposite is true in that most attackers aren't savvy enough to successfully hide themselves??? If the opposite is true and many crackers are using proxies to do more than just scan and wet themselves when and open port is found, then wouldn’t they detect the defensive attack immediately anyway?
Personal take? If the dude is transferring files, I’d drop a Trojan in there. Call me a villain, the dude is taking files! It’s like “bait money” banks use. If he’s just tooling around, block, secure monitor and forget. If the files are personal financial data, packet sniff everything and call the FBI. Wile waiting for the FBI counter the move with dummy files if you can, if not block outgoing packets on file transfer protocols. If that’s all ya got record a little then block.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
May 23rd, 2004, 03:38 AM
#6
Originally posted here by Relyt
Moxnix,
Hopefully the folks will not only read the "nail-em" part but also:
..."no self-respecting cracker uses his own system..."
Obviously, there will be a lot of road kill along the way with self-imposed justice. I would rather that they let the back-orifice meet bubba and his friends. Why not offer them up as a cracker sacrifice to the G-Men?
cheers
so maybe after a few system crashs these "innocent" computer owners will have someone look at their boxen...maybe even have some patches applied and stop causing the rest of the comunity so many problems
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote