Firewall Wizards mailing list archives
RE: Castles and Security (fwd)
From: "Marcus J. Ranum" <mjr () nfr com>
Date: Wed, 03 Jan 2001 19:15:20 -0800
Security Related wrote:
All we can do is spend our time checking that all our troops know thier roles and are skilled in them, listen to the local rumor mill and try to get a little advanced notice of impending strikes, and try to second guess our enemy's methodology before it happens.
I absolutely disagree. That's certainly _one_ option. The other option is to go on the offensive. Imagine if somewhere between 10% and 20% of the "hacker sites" were actually owned and operated by netcops. Now you've got some probability of collating who is doing what through traffic analysis. Next, imagine that toolz are actually fingerprinted, tracked, and designed to accidentally be vulnerable to traffic analysis. Further, imagine that a significant but undetermined percentage of the "hackers" out there are actually netcops. This by itself would not dramatically cut back on hacking -- but what it would do is separate the hackers from the support infrastructures that they currently enjoy openly. That'd hurt, slow them down, put them on the defensive. More importantly again we have the targeting problem: there would still be plenty of hacking activity going on, but it'd now be an FFZ they'd be operating in, rather than a sheltering environment in which information can be easily exchanged. Engaging in unrestricted information warfare against the hackers would be extremely effective, I bet. It'd drive the real hard-core operators way underground - which would further improve the good guys' targeting ability on the rare occasions the hard cases felt confident enough to stick their heads up for a second. Don't misunderstand me and interpret this as _advocating_ we do such a thing, but it's completely possible. I don't think I'd like to live in a world where law enforcement does such things any more than most of the rest of the readership of this list. But it's utterly _possible_. mjr. _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Castles and Security (fwd) Lance Spitzner (Jan 02)
- Re: Castles and Security (fwd) Talisker (Jan 02)
- Re: Castles and Security (fwd) Darren Reed (Jan 02)
- <Possible follow-ups>
- RE: Castles and Security (fwd) Jürgen Nieveler (Jan 02)
- RE: Castles and Security (fwd) twaszak (Jan 03)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
- Re: Castles and Security (fwd) Crist Clark (Jan 03)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
- Re: Castles and Security (fwd) Antonomasia (Jan 03)
- RE: Castles and Security (fwd) Stiennon,Richard (Jan 03)
- RE: Castles and Security (fwd) Security Related (Jan 03)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
- Re: Castles and Security (fwd) Crispin Cowan (Jan 03)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
- RE: Castles and Security (fwd) Lance Spitzner (Jan 03)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- Re: Castles and Security (fwd) John McDermott (Jan 03)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- Re: Castles and Security (fwd) M.Schubert (Jan 04)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- Re: Castles and Security Title Randy Grimshaw (Jan 04)
- RE: Castles and Security (fwd) daN. (Jan 03)