Honeypots mailing list archives
RE: Profiling Hackers..
From: "Toby Miller" <toby_miller () adelphia net>
Date: Sun, 6 Apr 2003 11:23:14 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am/have worked on profiling/rating your enemy. The work I have done can be found at www.ratingthehacker.net. Toby On Sunday 06 April 2003 00:57, nigel () 26354 net wrote:
Are there any organizations that profile hackers and hacker groups?
Yeah, the FBI.. ;-) Among others I'm sure.
Has anyone used a Honeypot for this type of forensic work?
I recall some work being done to characterize attacks but for the most part you'll gets lots of the same. Of course it'd be really nice if something like a Distributed Checksum Clearinghouse (anti-spam) could be made for Honeypots/Snort/etc. DCC for IDS systems... hrmm. Not that you could get enough processed in real-time but it might be good for future investigation, wider-spread threat identification. Come to think of it, this must be the way some companies and organizations work today. If I get enough sleep to think straight, I might look into this. Thanks for the thought. ;-) Cheers, -Ali -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPpBGXFLhpjRJgUE5EQIyAACgqhdYtY/VXGkkOskQhrckFGlwhGAAoJBJ hS58Nf539rITHssgvcklZpDH =P3wU -----END PGP SIGNATURE-----
Current thread:
- Profiling Hackers.. nigel (Apr 05)
- Re: Profiling Hackers.. Ali-Reza Anghaie (Apr 05)
- RE: Profiling Hackers.. Toby Miller (Apr 06)
- <Possible follow-ups>
- Re: Profiling Hackers.. nigel (Apr 06)
- Re: Profiling Hackers.. merith (Apr 06)
- Re: Profiling Hackers.. Rick Deckard (Apr 06)
- Re: Profiling Hackers.. Seth Arnold (Apr 06)
- Re: Profiling Hackers.. merith (Apr 06)
- Re: Profiling Hackers.. Ali-Reza Anghaie (Apr 05)
- Re: Profiling Hackers.. marc towers (Apr 06)