Secure Coding mailing list archives
Re: informIT: Building versus Breaking
From: Chris Schmidt <chrisisbeef () gmail com>
Date: Sat, 03 Sep 2011 11:26:16 -0600
On 9/3/2011 11:22 AM, Kevin W. Wall wrote:
On Fri, Sep 2, 2011 at 6:19 PM, Chris Schmidt <chrisisbeef () gmail com> wrote:On Sep 2, 2011, at 10:44 AM, "Goertzel, Karen [USA]" <goertzel_karen () bah com> wrote:What we need is to start building software that can fight back. Then we could become part of "cyber warfare" which is much sexier than "software assurance". :)Simple. Owasp esapi + owasp appsensor + honeypot = winI'd still consider that defensive. If you want" cyber warfare" and are willing to go over to the dark side, you can define your own custom AppSensor response actionsto act offensively. For instance, you could easily try to download malware to the attacker or mount a DoS attack against them. Personally, I don't recommend such escalation though, even if it is a tit-for-tat strategy. Reacting in that manner is likely to make you a criminal as well. -kevin
That may be, but there are ways to fight back without breaking the law.. Hence the honeypot, let the attacker exploit the hell out of a system that does absolutely nothing track all of his movements and gather as much intel about them as possible - then provided you have good audit logging you have more information than you can handle about the attack to forward on to the feds for appropriate vanning. Granted, this is making some pretty hefty assumptions about the state of the app in question, the skill of the attacker, and the vanning abilities of the men in black, but it is far more sexy than purely writing defensive code alone. _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- Re: informIT: Building versus Breaking, (continued)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Sep 01)
- Re: informIT: Building versus Breaking Tom Brennan (Sep 05)
- Re: informIT: Building versus Breaking iarce (Sep 05)
- Re: informIT: Building versus Breaking Stephen Craig Evans (Sep 05)
- Re: informIT: Building versus Breaking Goertzel, Karen [USA] (Sep 05)
- Re: informIT: Building versus Breaking Chris Schmidt (Sep 05)
- Re: informIT: Building versus Breaking Kevin W. Wall (Sep 05)
- Re: informIT: Building versus Breaking Chris Schmidt (Sep 05)