Strikeback, Part Deux
Tim Mullen, 2003-01-13

Why I should have the right to kill a malicious process on your machine.

Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous (2 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-13
llamatron (1 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-13
Miles (1 replies)
Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-14
Anonymous
Strikeback strategies CAN'T stop Nimda... 2003-01-13
Nicholas Weaver
Strikeback, Part Deux 2003-01-13
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous
Strikeback, Part Deux 2003-01-13
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-14
Anonymous
Strikeback, Part Deux 2003-01-14
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-15
Valhalla
Strikeback, Part Deux 2003-01-14
Anonymous (2 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-14
HalbaSus
Most of those working in the security field (or not) did use some sort of strikeback techniques...

For example, a few months ago, due to a disagreement on an IRC channel, some guy started flooding me from a Linux machine with vulnerable SSL... it wasn't his machine... he hacked it in order to use it for DoS... Yes, I hacked into the machine, stopped the flood and sent a mail to the admin.

But... making this process automatic is pretty dangerous... what will such a strikeback utility consider a threat? A worm? If I struck back at every Nimda/red-code/IIS worm that scanned my system, I would probably end up hacking 24/7, turning my machine into an automated hacking bot. Portscans are generally considered legal and I don't consider portscans or CGI scans a threat to my system. I do consider DoS attacks a threat because no matter how secure your network is, DoS and DDoS attacks are harmful... Should one strike back if his system is flooded... my choice is YES! But this is up to everybody (maybe if my OC3 is flooded by a couple of DSL machines I won't panic)... Automating this process is a very very very BAD idea... how can a script determine the intensity, the danger of a DoS... sometimes strikeback is not the best defense. For example, the recent .bugtraq used communication between infected systems... If your network had an infected machine and you patched it, the rest of the infected clients continued to send UDP requests, and since your machine never answered they continued "flooding"... Hacking into all of them would be pretty painful and bandwidth consuming... filtering them out would be a much smarter choice... so... unless you have some super-intelligent script which could make good decisions... you have to forget about strikeback techniques... at least not automatically


Link to this comment: http://www.securityfocus.com/comments/columns/134/17647#17647
Strikeback, Part Deux 2003-01-14
Anonymous
Strikeback, Part Deux 2003-01-14
pjf@thinkage.ca (1 replies)
Strikeback, Part Deux 2003-01-14
Anonymous
MULLEN'S A KOOK 2003-01-14
Soum YnonA (1 replies)
MULLEN'S A KOOK 2003-01-15
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-15
Ronald
NIMBDA - bad example 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
k.lichtenwalder@computer.org
Strikeback, Part Deux 2003-01-15
pha153
Strikeback, Part Deux 2003-01-15
James W. Meritt, CISSP, CISA
Strikeback, Part Deux 2003-01-15
Dan
Strikeback, Part Deux 2003-01-15
Anonymous
Striking Back 2003-01-15
Peter Schultz
Strikeback, Part Deux 2003-01-15
Ryan Weaver
What if the Worm Closes the Door? 2003-01-15
Rick.Miller@Linux.org
Malicious "Neutralizing Agent"? 2003-01-15
Rick.Miller@Linux.org
3 strikes 2003-01-15
Jeremiah Blatz
Strikeback, Part Deux -- vacinations 2003-01-15
Anonymous (1 replies)
Strikeback, Part Deux -- vacinations 2003-01-23
Dr. Vesselin Bontchev
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
CounterAttacking is your right 2003-01-15
Anonymous
They just don't get it, do they? 2003-01-15
Concerned Netizen
Your "Right" is Wrong 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Examples are flawed. 2003-01-15
Bob James
No Automation 2003-01-15
Jeff Licquia
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, accountability 2003-01-15
hobbsk@ohiou.edu
security = ethics 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous
Strikeback, Part Deux 2003-01-15
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-16
Anonymous
Strikeback, Part Deux 2003-01-15
M. Durrant
Strikeback - Think b4 you dump 2003-01-15
Dimitris (1 replies)
Strikeback - Think b4 you dump 2003-01-16
Anonymous
The rule of Law 2003-01-16
Anonymous
Strikeback, Part Deux 2003-01-16
Anonymous
You shoot them...they shoot you back? 2003-01-17
Anonymous (1 replies)
You shoot them...they shoot you back? 2003-01-18
Johnny Ringo
Strikeback, Part Deux 2003-01-20
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-20
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-21
Anonymous (2 replies)
Strikeback, Part Deux 2003-01-21
Anonymous
Strikeback, Part Deux 2003-01-22
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-23
Anonymous (1 replies)
Strikeback, Part Deux 2003-01-24
Anonymous
Strikeback, Part Deux 2003-01-22
Anonymous
Strikeback, Part Deux 2003-01-22
Anonymous
Rights and defenses 2003-01-23
Dr. Vesselin Bontchev (1 replies)
Rights and defenses 2003-01-24
Anonymous (1 replies)
Rights and defenses 2003-01-25
Anonymous
Legalities 2003-01-23
Anonymous
You are already lost 2003-01-24
Anonymous
Strikeback, Part Deux 2003-01-24
Anonymous
Wrong again Timmy 2003-01-24
Unknown







 

Copyright 2008, SecurityFocus