Comments on: IT Security Warfare http://mcwresearch.com/archives/496 Things I think I've thought about Thu, 20 Nov 2008 09:31:34 +0000 http://wordpress.org/?v=2.5.1 By: Michael http://mcwresearch.com/archives/496#comment-4748 Michael Wed, 27 Jun 2007 14:23:41 +0000 http://mcwresearch.com/archives/496#comment-4748 As much as I'd like to trade metasploit volleys with someone attacking my network, it just isn't ethical as you mentioned and besides, the attacking IP is likely someone's mom's computer that has been compromised and is used as a proxy. However, we aren't without options. Counter attacking in IT security involves gathering evidence that will hold up in a court of law and involving the authorities to pursue the attackers for you. Counter attacking would also include moving upstream and notifying the ISP of the attacking IP to let them know they have a compromised or malicious host on their network and hopefully they'll take action. Allies can often take action you can't. Other actions you can take are to get involved with groups that take down bot herders and their C&C channels. The <a href="http://isc.sans.org/" rel="nofollow">ISC</a> is one such organization that everyone knows about. Hope your travels were safe! As much as I’d like to trade metasploit volleys with someone attacking my network, it just isn’t ethical as you mentioned and besides, the attacking IP is likely someone’s mom’s computer that has been compromised and is used as a proxy.

However, we aren’t without options. Counter attacking in IT security involves gathering evidence that will hold up in a court of law and involving the authorities to pursue the attackers for you.

Counter attacking would also include moving upstream and notifying the ISP of the attacking IP to let them know they have a compromised or malicious host on their network and hopefully they’ll take action. Allies can often take action you can’t.

Other actions you can take are to get involved with groups that take down bot herders and their C&C channels. The ISC is one such organization that everyone knows about.

Hope your travels were safe!

]]> By: Quickies on a Travel Day | RiskAnalys.is http://mcwresearch.com/archives/496#comment-4747 Quickies on a Travel Day | RiskAnalys.is Wed, 27 Jun 2007 13:20:50 +0000 http://mcwresearch.com/archives/496#comment-4747 [...] is “on” in his last two posts on IT Security Warfare.   Problem is that we’re not really allowed all the benefits of counter-attack.  That [...] [...] is “on” in his last two posts on IT Security Warfare.   Problem is that we’re not really allowed all the benefits of counter-attack.  That [...]

]]>