Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
Strikeback, Part Deux
Tim Mullen, 2003-01-13

Why I should have the right to kill a malicious process on your machine.

Comments Mode:
Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous (2 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-13
llamatron (1 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-13
Miles (1 replies)
Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-14
Anonymous
Strikeback, Part Deux 2003-01-13
Chris Caydes (2 replies)
Strikeback, Part Deux 2003-01-13
Stealthbadger (2 replies)
Strikeback, Part Deux 2003-01-14
Anonymous
The Self-Defense Argument is flawed... Strikeback, Part Deux 2003-01-14
Shawn Duffy (5 replies)
The Self-Defense Argument is flawed... Strikeback, Part Deux 2003-01-15
Bob
Important differences. 2003-01-15
Stealthbadger
This arguement against the "Self-Defense Argument" is flawed... Strikeback, Part Deux 2003-01-15
Fud
The Self-Defense Argument is flawed... Strikeback, Part Deux 2003-01-15
Anonymous
The Self-Defense Argument is flawed... Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous
Strikeback, Part Deux - Converted? 2003-01-13
Anonymous
Give me a break... Strikeback, Part Deux 2003-01-13
Shawn Duffy (7 replies)
Give me a break... Strikeback, Part Deux 2003-01-14
Anonymous (5 replies)
Give me a break... Strikeback, Part Deux 2003-01-14
Shawn Duffy (3 replies)
Give me a break... Strikeback, Part Deux 2003-01-15
Anonymous
Give me a break... Strikeback, Part Deux 2003-01-15
Anonymous
Give me a break... Here's some better logic, perhaps... 2003-01-15
Anonymous (1 replies)
Give me a break... Here's some better logic, perhaps... 2003-01-16
Al
Give me a break... Strikeback, Part Deux 2003-01-15
James W. Meritt, CISSP, CISA
Give me a break... Strikeback, Part Deux 2003-01-15
Anonymous (1 replies)
Give me a break... Strikeback, Part Deux 2003-01-16
Al
Give me a break... Strikeback, Part Deux 2003-01-15
Anonymous
Give me a break... Strikeback, Part Deux And Law 2003-01-23
Adrian
Give me a break... Strikeback, Part Deux 2003-01-14
Anonymous
Give me a break... Strikeback, Part Deux 2003-01-14
Kalle Larsson
Give me a break... Strikeback, Part Deux 2003-01-14
Anonymous
Give me a break... Strikeback, Part Deux 2003-01-15
Anonymous
Give me a break... Strikeback, Part Deux 2003-01-15
Alascom
Re: Give me a break... Strikeback, Part Deux 2006-08-03
thoreau
Strikeback strategies CAN'T stop Nimda... 2003-01-13
Nicholas Weaver
The problem is with using a counterattack technique to stop a worm is that it is effectively equivelent to quarrantining known infected machines.

David Moore, Colleen Shannon, Geoffrey Voelker and Stefan Savage, have an excellent analysis of how to respond/contain self propigating code on the Internet.
http://charlotte.ucsd.edu/users/savage/papers/Infocom03.pdf

It turns out that identifying/removing infected machines is not an effective response strategy unless you are really hyper-sensitive. What is needed is identifying the infection and blocking the INFECTION from spreading to new machines.

Additionally, counterattack to stop unknown threats (which nimda in the first few hours was) requires automatic systems to identify and respond, which may be suseptible to spoofing. Someone I don't like? I fake a scan from his machine to your counterattacking network range.


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/134/17606#17606
Strikeback, Part Deux 2003-01-13
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-14
Anonymous
Strikeback, Part Deux 2003-01-14
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-15
Valhalla
Strikeback, Part Deux 2003-01-14
Anonymous (2 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-14
HalbaSus
Strikeback, Part Deux 2003-01-14
Anonymous
Strikeback, Part Deux 2003-01-14
pjf@thinkage.ca (1 replies)
Strikeback, Part Deux 2003-01-14
Anonymous
MULLEN'S A KOOK 2003-01-14
Soum YnonA (1 replies)
MULLEN'S A KOOK 2003-01-15
Anonymous (1 replies)
MULLEN'S A KOOK - uh, no. You are a kiddie. 2003-01-16
Anonymous
Isn't this like smacking the neighbor's kid for mouthing off? 2003-01-14
Anonymous (7 replies)
No, it's like shooting your neighbor's dog who ruthlessly attacking someone. 2003-01-15
P. Hofmeister (1 replies)
No, it's like shooting your neighbor's dog who ruthlessly attacking someone. 2003-01-16
Anonymous
Isn't this like smacking the neighbor's kid for mouthing off? 2003-01-15
Anonymous
Isn't this like smacking the neighbor's kid for mouthing off? 2003-01-15
Anonymous
Isn't this like smacking the neighbor's kid for mouthing off? 2003-01-15
Anonymous
Isn't this like smacking the neighbor's kid for mouthing off? 2003-01-15
Anonymous
Isn't this like smacking the neighbor's kid for mouthing off? NO 2003-01-15
Anonymous
Isn't this like smacking the neighbor's kid for mouthing off? 2003-01-16
Anonymous (1 replies)
Isn't this like smacking the neighbor's kid for mouthing off? 2003-01-23
Dr. Vesselin Bontchev
Strikeback, Part Deux 2003-01-15
Ronald
NIMBDA - bad example 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
k.lichtenwalder@computer.org
Strikeback, Part Deux 2003-01-15
pha153
ISP's should be held responsible for their users! 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
James W. Meritt, CISSP, CISA
Strikeback, Part Deux 2003-01-15
Dan
Strikeback, Part Deux 2003-01-15
Anonymous
Striking Back 2003-01-15
Peter Schultz
Strikeback, Part Deux 2003-01-15
Ryan Weaver
What if the Worm Closes the Door? 2003-01-15
Rick.Miller@Linux.org
Malicious "Neutralizing Agent"? 2003-01-15
Rick.Miller@Linux.org
3 strikes 2003-01-15
Jeremiah Blatz
Strikeback, Part Deux -- vacinations 2003-01-15
Anonymous (1 replies)
Strikeback, Part Deux -- vacinations 2003-01-23
Dr. Vesselin Bontchev
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
CounterAttacking is your right 2003-01-15
Anonymous
They just don't get it, do they? 2003-01-15
Concerned Netizen
Your "Right" is Wrong 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Examples are flawed. 2003-01-15
Bob James
No Automation 2003-01-15
Jeff Licquia
Strikeback, Part Deux - then worms will patch systems themselves! 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, accountability 2003-01-15
hobbsk@ohiou.edu
so why don t you claim the right to shoot dogs too ? 2003-01-15
Anonymous (1 replies)
I do claim the right to shoot dogs 2003-01-15
Bob
Strikeback, Part Deux Star Trek Redux? 2003-01-15
Anonymous
security = ethics 2003-01-15
Anonymous
No it's like stopping the kid from taking a dump in your yard! 2003-01-15
Anonymous
Strikeback is what the world needs 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
We need 2 internets, 1 for the safe and 1 for the dumb 2003-01-15
Ryan N.
Strikeback, Part Deux 2003-01-15
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-16
Anonymous
Strikeback, Part Deux 2003-01-15
M. Durrant
Strikeback - Think b4 you dump 2003-01-15
Dimitris (1 replies)
Strikeback - Think b4 you dump 2003-01-16
Anonymous
The rule of Law 2003-01-16
Anonymous
Strikeback, Part Deux 2003-01-16
Anonymous
Strikeback, Part Deux - Biological Hackback! 2003-01-16
kevmit (1 replies)
Strikeback, Part Deux - Biological Hackback! 2003-01-17
Not Kevin
You shoot them...they shoot you back? 2003-01-17
Anonymous (1 replies)
You shoot them...they shoot you back? 2003-01-18
Johnny Ringo
Strikeback, Part Deux 2003-01-20
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-20
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-21
Anonymous (2 replies)
Strikeback, Part Deux 2003-01-21
Anonymous
Strikeback, Part Deux 2003-01-22
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-23
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-24
Anonymous
Strikeback, Part Deux 2003-01-22
Anonymous
Strikeback, Part Deux 2003-01-22
Anonymous
Rights and defenses 2003-01-23
Dr. Vesselin Bontchev (1 replies)
Rights and defenses 2003-01-24
Anonymous (1 replies)
Rights and defenses 2003-01-25
Anonymous
Legalities 2003-01-23
Anonymous
You are already lost 2003-01-24
Anonymous
Strikeback, Part Deux 2003-01-24
Anonymous
Wrong again Timmy 2003-01-24
Unknown







 

Privacy Statement
Copyright 2007, SecurityFocus