Vulnerability Development mailing list archives
Re: Automatic Retaliation contra DoS
From: d14z1n0n () HOTMAIL COM (Kang Fu)
Date: Thu, 18 May 2000 05:10:57 GMT
IMHO... ANY sort of a retaliatory attack can be used against the person implementing it... While the case of attacking only completed sessions helps some I do know that if I personally was doing such scans and I noticed your response, I couldn't help but to have a little fun ;) If I as the attacker used a strong firewall, then your reverse attack would do nothing but draw my attention to your IP. For myself, that would make you a much more inviting target. I would have to wonder what you were protecting. Definitely it would spark my curiosity to try to find ways I could to take advantage of, or hack into, your setup. Obviously if you were responding with attacks I could assume your not using Windows right off... And as well, your breaking the law by retaliating so I have little fear of consequence at that point. And if you were well enough secured that I couldn't hack you, then maybe I'd just DoS you until I got bored. Which one is more fun? The dead fish or the live one? ----- Original Message ----- From: "Weston Pawlowski" <bug () WESTON CX> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Wednesday, May 17, 2000 3:52 PM Subject: Re: Automatic Retaliation contra DoS
Automatic retaliation is usually a bit dangerous, but it can still be a good thing, you just have to be careful... It can be used as a DoS against you... Let's say that you have portsentry setup to detect stealth TCP and UDP scans/floods, and it filters out all packets from the "attacker" via ipchains.
________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Current thread:
- Re: Automatic Retaliation contra DoS Kang Fu (May 17)
- <Possible follow-ups>
- Re: Automatic Retaliation contra DoS sigipp () WELLA COM BR (May 18)
- Re: Automatic Retaliation contra DoS Mikael Olsson (May 25)
- Re: Automatic Retaliation contra DoS sigipp () WELLA COM BR (May 25)
- Re: Re: Automatic Retaliation contra DoS Felix von Leitner (May 29)
- Re: Automatic Retaliation contra DoS Daniel Roesen (May 29)
- Re: Automatic Retaliation contra DoS Peter C. Norton (May 29)
- Re: Re: Automatic Retaliation contra DoS Felix von Leitner (May 29)
- Re: Automatic Retaliation contra DoS sigipp () WELLA COM BR (May 29)