How do you become a Cyber Bounty Hunter?

["C Ryll" <carolynryll () hotmail com>]

After a discussion with some people regarding Microsoft's two posted 
bounties, I understand that cyber bounty hunters are actually available for 
hire by companies. I am curious what knowledge base, or experience, this 
type of independent position would require. Where would you obtain this form 
of security knowledge? Given that MAC and IP can both be spoofed, and that 
victim systems are often used to launch some attacks, how do you actually 
get back to the original source?

Note that I am not talking about fundamental security knowledge (I.e., how 
to secure a system, or determining if/what was on the system), but how to 
trace back to the origin of the attack while knowing that the IP and MAC are 
most likely spoofed and/or attacks rerouted.

Respectfully,
Carolyn.

_________________________________________________________________
Frustrated with dial-up? Get high-speed for as low as $26.95.  
https://broadband.msn.com (Prices may vary by service area.)


---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_pen-test_031023
and use priority code SF4.
----------------------------------------------------------------------------