Full Disclosure mailing list archives
RE: CounterAttack
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Fri, 1 Aug 2003 09:08:40 -0500
-----Original Message----- From: Jeff Bankston [mailto:suse () mail bciassociates com] Sent: Friday, August 01, 2003 8:04 AM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] CounterAttack Phil, I have to echo the other comments, because sometimes your return fire invites an escalation before you know all of the facts. We spend alot of time in the forensics of an attack to understand if first it is _us_ letting the vunerability in where we coulde have simply made our systems, firewalls, and perimeter routers more secure in the first place.
There's another aspect as well. Often if you attack a computer that's attacking you, you will be attacking an innocent victim that has been hacked themselves. (And no, I don't want to get in to the argument of whether or not they're really innocent, they should have patched, yada, yada, yada). In that case, your response accomplishes nothing meaningful. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: CounterAttack Dolbow, Phil (Jul 31)
- Re: CounterAttack Martin Peikert (Aug 01)
- <Possible follow-ups>
- Re: CounterAttack Jeff Bankston (Aug 01)
- RE: CounterAttack Schmehl, Paul L (Aug 01)