[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Counter-Attacking hackers? Is this really a good idea?
- To: "'Harlan Carvey'" <keydet89@xxxxxxxxx>, <technocrat@xxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Counter-Attacking hackers? Is this really a good idea?
- From: "Mike Fratto" <mfratto@xxxxxxx>
- Date: Mon, 8 Mar 2004 10:13:02 -0500
> > Are these guys nuts? I'm not sure if this is a good
> > idea or not.
>
> Oddly enough, this *has* been discussed...at length.
> That doesn't mean that it's not worth discussing
> more...
It's a bad idea for a few reasons. First, you don't know where the attacker
is. Just because packets are coming from an IP address, doesn't mean that is
the computer the attacker is sitting. It could be any number of compromised
computers the attacker uses to hide their trail. So you end up attacking an
innocent computer. Second, attacking a computer is illegal. Third, attacking
an attacker doesn't do a whole lot to really stop the problem, which is
basically if you got rooted, then your computer is poorly protected. Try to
solve the root problem.
Spend your time protecting your systems, learn the relevant USC codes to
prosecuting attackers, learn how to gather data for prosecution, report
problems to your ISP and the offending ISP, and contact, if appropriate, the
authorities. That's a better use of your time.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html