Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: Counter-Attacking hackers? Is this really a good idea?
From: "Mike Fratto" <mfratto () nwc com>
Date: Mon, 8 Mar 2004 10:13:02 -0500

Are these guys nuts? I'm not sure if this is a good
idea or not.

Oddly enough, this *has* been discussed...at length. 
That doesn't mean that it's not worth discussing

It's a bad idea for a few reasons. First, you don't know where the attacker
is. Just because packets are coming from an IP address, doesn't mean that is
the computer the attacker is sitting. It could be any number of compromised
computers the attacker uses to hide their trail. So you end up attacking an
innocent computer. Second, attacking a computer is illegal. Third, attacking
an attacker doesn't do a whole lot to really stop the problem, which is
basically if you got rooted, then your computer is poorly protected. Try to
solve the root problem.

Spend your time protecting your systems, learn the relevant USC codes to
prosecuting attackers, learn how to gather data for prosecution, report
problems to your ISP and the offending ISP, and contact, if appropriate, the
authorities. That's a better use of your time.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]