Tim Mullen, 2003-01-13
Why I should have the right to kill a malicious process on your machine.
Colapse all |
Post comment
Strikeback, Part Deux
2003-01-13
Anonymous (1 replies)
Anonymous (1 replies)
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
I agree that something needs to be done about worm infected systems, what I disagree with is "what". I am of the opinion that there needs to be a zero tolerance to malicous/worm attacks on the internet. Infected machines can and should be disconnected (quarantined if you like) from the internet.
...
[ more ] [ reply ]
...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Anonymous (2 replies)
Anonymous (2 replies)
However if someone's child is sick YOU don't take them out of school.
What you're suggesting is fine only IF the strikeback is done by a state approved organization with controls in place to limit damage to innocent bystanders. Otherwise you're going to have a lot of admins who *think* they know w...
[ more ] [ reply ]
What you're suggesting is fine only IF the strikeback is done by a state approved organization with controls in place to limit damage to innocent bystanders. Otherwise you're going to have a lot of admins who *think* they know w...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
And we all know how efficient the government is at responding to threats.. /sarcasm
While having a state-sponsored response center would be an ideal method, it (like communism) could never be practically implemented. No, in order to work, responses would have to be decentralize; at the edge of t...
[ more ] [ reply ]
While having a state-sponsored response center would be an ideal method, it (like communism) could never be practically implemented. No, in order to work, responses would have to be decentralize; at the edge of t...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Anonymous
Anonymous
I agree totally. Good work, Tim.
We need some accountability for these issues, anyone who would suggest otherwise is not working for the "greater good" of network security, and is more concerned with silly debates over human rights. This is purely a defense issue, not an offence like some would l...
[ more ] [ reply ]
We need some accountability for these issues, anyone who would suggest otherwise is not working for the "greater good" of network security, and is more concerned with silly debates over human rights. This is purely a defense issue, not an offence like some would l...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Anonymous (1 replies)
Anonymous (1 replies)
What if someone does damage to my machine, maliciously or unintentionally, then claims they were just trying to stop a worm that was running on it? Which, of course, I can't verify because they've already destroyed the evidence?
Alternatively, this would give hackers the right to break into what...
[ more ] [ reply ]
Alternatively, this would give hackers the right to break into what...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
llamatron (1 replies)
llamatron (1 replies)
I think the potential damage aspect is the most blindingly obvious hole in this entire argument. Do I trust other people to safely break into my system to "fix" it? How can I prove there was no trojan present? What if they try to take out the trojan and kill a server instead? The legal problems in t...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
I totally agree with llamatron. The clue factor on the Internet is why we have unsecured servers in the first place. If these same unwashed masses of admins start playing with tools they don't understand, it could have even more devastating consequenses than the attack it is intended to stop. In ...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Miles (1 replies)
Miles (1 replies)
I would have to disagree with Mr. Mullen. I can see that there is a LOT of frustration building due to those who cause others harm simply because they can't secure their systems. It frustrates me too. But imagine the legal ramifications. "Oh, my IDS detected that your port scan was a possible worm, ...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Anonymous (1 replies)
Anonymous (1 replies)
If ISP's would just act responsibly and implement proper egress filtering, then spoofed IP addresses (and largely DoS attacks) would vanish as a problem....
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-14
Anonymous
Anonymous
It would take more than that. A lot of DDoS attacks aren't spoofed, because the hacker doesn't care if the target knows whose machines he's rooted. There also needs to be a willingness on the part of cable and DSL providers to disconnect customers whose machines are participating in scanning or DD...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Chris Caydes (2 replies)
Chris Caydes (2 replies)
Mr. Mullen's strikeback concept is interesting.
Yet in the examples given at the end, the entity that takes "strikeback" measures are "official authorities", not individuals :
- a state taking a child out of school
- authorities putting a dog down
- a court sending someone to prison
That makes ...
[ more ] [ reply ]
Yet in the examples given at the end, the entity that takes "strikeback" measures are "official authorities", not individuals :
- a state taking a child out of school
- authorities putting a dog down
- a court sending someone to prison
That makes ...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Stealthbadger (2 replies)
Stealthbadger (2 replies)
I seriously wonder why a different approach wasn't taken with this article, though I agree with its premises.
First off, law enforcement authorities do not exist to protect us except as deterrents - what police do is catch criminals, AFTER the damage has been done. This is why there are volumes ...
[ more ] [ reply ]
First off, law enforcement authorities do not exist to protect us except as deterrents - what police do is catch criminals, AFTER the damage has been done. This is why there are volumes ...
[ more ] [ reply ]
The Self-Defense Argument is flawed... Strikeback, Part Deux
2003-01-14
Shawn Duffy (5 replies)
Shawn Duffy (5 replies)
Self-Defense laws do exist and they exist so that you may protect yourself... But the key is: Reasonable force, i.e. just enough to stop harm to you.
For example, if someone is in your house and points a gun at you, you can shoot him, I have no argument there... However, if someone is in your house...
[ more ] [ reply ]
For example, if someone is in your house and points a gun at you, you can shoot him, I have no argument there... However, if someone is in your house...
[ more ] [ reply ]
The Self-Defense Argument is flawed... Strikeback, Part Deux
2003-01-15
Bob
Bob
So what do you propose doing if you're the target of a DDOS attack? Is there a good way to block traffic from attacking machines, while allowing traffic from legitimate machines, and preventing your network from being overwhelmed? Seems to me that if there were tools available to automatically ide...
[ more ] [ reply ]
[ more ] [ reply ]
Important differences.
2003-01-15
Stealthbadger
Stealthbadger
I would agree with your criticism except for three things.
1. Do a Google search on "Defense of Personal Property," there are legal precedents even there.
2. There is no reliable legal recourse to an "attack" of this nature.
3. Going with the author's argument a bit, if there is no attack...
[ more ] [ reply ]
1. Do a Google search on "Defense of Personal Property," there are legal precedents even there.
2. There is no reliable legal recourse to an "attack" of this nature.
3. Going with the author's argument a bit, if there is no attack...
[ more ] [ reply ]
This arguement against the "Self-Defense Argument" is flawed... Strikeback, Part Deux
2003-01-15
Fud
Fud
Most self defense laws also include provisions for using "leathal force" to defend others from harm. By simply barring the gates from this attack you are, in essence, passing the danger to another system that may not be as able to defend itself as your own. Someones going to get hurt somewhere alo...
[ more ] [ reply ]
[ more ] [ reply ]
The Self-Defense Argument is flawed... Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
You make the following analogy: defending your computer on your network by blocking your routers is like defending yourself in your home by producing a weapon and announcing your intent to make use of it (and possibly doing so). This analogy is incorrect, however. The analogy should be: defending yo...
[ more ] [ reply ]
[ more ] [ reply ]
The Self-Defense Argument is flawed... Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
>Someone breaks into your house and you notify them that
> you have a weapon or you point your gun at them... if the
> intruder starts to make an escape, you CANNOT chase them
> down and shoot them!!! And that is what the Strikebacks
> are all about... chasing down a potential intruder
> and "s...
[ more ] [ reply ]
> you have a weapon or you point your gun at them... if the
> intruder starts to make an escape, you CANNOT chase them
> down and shoot them!!! And that is what the Strikebacks
> are all about... chasing down a potential intruder
> and "s...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Anonymous
Anonymous
IMNSHO, the "authority" should be the ISP. I have no problem with the StrikeBack concept, but I do not think that inDUHviduals should be running StrikeBack system, lest we find ourselves with a new bunch of script-kiddies installing a modified version of StrikeBack and using it as a 3133T hAx0r too...
[ more ] [ reply ]
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-13
Shawn Duffy (7 replies)
Shawn Duffy (7 replies)
Completely ridiculous...
There is no justification for asserting control over resources that are not yours!! If someone steals something from you, do you have the right to break into their house and steal it back? No, you do not... You need to provide evidence and proof, then the state will get it ...
[ more ] [ reply ]
There is no justification for asserting control over resources that are not yours!! If someone steals something from you, do you have the right to break into their house and steal it back? No, you do not... You need to provide evidence and proof, then the state will get it ...
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-14
Anonymous (5 replies)
Anonymous (5 replies)
The rule of law? You obviously can't read. Mullen is dead on right. Morons who can't secure a computer are NOT DOING ANYTHING ILLEGAL. That is the problem! Stop bringing stupid examples into this. Smashing stereos? That does not happen in the real world. What happens is that we have to deal with...
[ more ] [ reply ]
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-14
Shawn Duffy (3 replies)
Shawn Duffy (3 replies)
So... it should be illegal to not secure your computer? You need to get real... We can't make stupidity illegal but we can make it expensive... and ultimately, that's all that matters to people. unfortunately, it is not against the law to be stupid nor should it be. Ultimately, we need to get better...
[ more ] [ reply ]
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
You seem very outspoken about this, but in all the posts you have, you talk about things that mullen does not talk about. I'm not sure where you are getting your information. Schneier linked to his essay, and it is clear about all the stuff you are talking about. You should probably read it to. ...
[ more ] [ reply ]
[ more ] [ reply ]
Give me a break... Here's some better logic, perhaps...
2003-01-15
Anonymous (1 replies)
Anonymous (1 replies)
Sorry if someone else brought this up further down, but I have to say this in support of Mullens' idea:
Stick with the stero example for a second. Your neighbor is a nice enough guy, although perhaps you don't really know him or talk to him very regularly (if at all). He goes out of town for tw...
[ more ] [ reply ]
Stick with the stero example for a second. Your neighbor is a nice enough guy, although perhaps you don't really know him or talk to him very regularly (if at all). He goes out of town for tw...
[ more ] [ reply ]
Give me a break... Here's some better logic, perhaps...
2003-01-16
Al
Al
Good Reply. Shawn, you're too wrapped up in your petty analogies to see a simple reality here. if you're a system administrator and you leave your system open and it gets infected, wouldn't you be GLAD of the help provided by someone else in shutting down the process for you? even if you are selfish...
[ more ] [ reply ]
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-15
Anonymous (1 replies)
Anonymous (1 replies)
So install an antivirus... deal with nimda like we all do.
So you are saying you should be punished for not locking the door to your house at night?
How reasonable is this?...
[ more ] [ reply ]
So you are saying you should be punished for not locking the door to your house at night?
How reasonable is this?...
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-16
Al
Al
Punished???
Jeez get real! its not as though strike-back is designed to format your machine while displaying a console message saying "This is what happens to Naughty admisitrators".
all it does is prevent the worm from continuing to propogate, if you read the full description thats linked to in t...
[ more ] [ reply ]
Jeez get real! its not as though strike-back is designed to format your machine while displaying a console message saying "This is what happens to Naughty admisitrators".
all it does is prevent the worm from continuing to propogate, if you read the full description thats linked to in t...
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
Actually, I have to disagree. Lets try a better example.
Lets say in the apartment building down the road some hooligans break into the basement and decide to move in. The landlord never comes to the building unless the tennants complain, and these new tennants are stealthy enough to avoid detect...
[ more ] [ reply ]
Lets say in the apartment building down the road some hooligans break into the basement and decide to move in. The landlord never comes to the building unless the tennants complain, and these new tennants are stealthy enough to avoid detect...
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux And Law
2003-01-23
Adrian
Adrian
I do belive that one does not have the right to strike back if his computer is attacked. What is the difference between he and the attaker ? They both use the same methods, think about...
And suppose that we agree with the article, can you tell me how, in the name of God, can you stop only ONE proc...
[ more ] [ reply ]
And suppose that we agree with the article, can you tell me how, in the name of God, can you stop only ONE proc...
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-14
Anonymous
Anonymous
Shawn,
You saved me the trouble of typing a long response. I agree with you 100%. The analogies you made are well taken. We are all fed up with crackers/malicious code, but this is not the way. Whats next, track down the guy hacking your network and shoot him to prevent any further attacks on your ...
[ more ] [ reply ]
You saved me the trouble of typing a long response. I agree with you 100%. The analogies you made are well taken. We are all fed up with crackers/malicious code, but this is not the way. Whats next, track down the guy hacking your network and shoot him to prevent any further attacks on your ...
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
I'm in complete agreement.
The "rights to the process" argument is absurd. A user has a right to control what is running on the machine and who has access and control over that machine, just because a worm or virus maliciously usurps that power doesn't give any other individual the right to also...
[ more ] [ reply ]
The "rights to the process" argument is absurd. A user has a right to control what is running on the machine and who has access and control over that machine, just because a worm or virus maliciously usurps that power doesn't give any other individual the right to also...
[ more ] [ reply ]
Give me a break... Strikeback, Part Deux
2003-01-15
Alascom
Alascom
If a bank robber steals my car and uses it during a holdup, my car may get bullet holes shot in it from "private" security guards. Yet, I have no legal recourse to be compensated from the security guards for the damage to my "stolen vehicle." I must seek compensation from the thief whole stole the...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback strategies CAN'T stop Nimda...
2003-01-13
Nicholas Weaver
Nicholas Weaver
The problem is with using a counterattack technique to stop a worm is that it is effectively equivelent to quarrantining known infected machines.
David Moore, Colleen Shannon, Geoffrey Voelker and Stefan Savage, have an excellent analysis of how to respond/contain self propigating code on the Int...
[ more ] [ reply ]
David Moore, Colleen Shannon, Geoffrey Voelker and Stefan Savage, have an excellent analysis of how to respond/contain self propigating code on the Int...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Anonymous
Anonymous
It's a good idea, but it won't do any good for the "internet at large".
Let's face it, most IT folks don't give a rat's ass about patching or securing their systems. Strikeback or something like it will just give them another reason to place security/patching of their systems on the backburner.
...
[ more ] [ reply ]
Let's face it, most IT folks don't give a rat's ass about patching or securing their systems. Strikeback or something like it will just give them another reason to place security/patching of their systems on the backburner.
...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-13
Anonymous (1 replies)
Anonymous (1 replies)
You're almost right. Some one in AUTHORITY should have the right to kill the errant process on my machine if it is affecting you.
But you should NOT. That's what the "authorities" are for, and no amount of preaching can grant you that right....
[ more ] [ reply ]
But you should NOT. That's what the "authorities" are for, and no amount of preaching can grant you that right....
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-14
Anonymous (1 replies)
Anonymous (1 replies)
Mr. Mullen wrote:
>I think the main reason for the knee-jerk criticism from the likes of Schultz is that
>they work largely in a theoretical rose-colored world of security, where all problems
>are solved after a cup of coffee and a bit of pontification.
Mr. Mullen once again has written som...
[ more ] [ reply ]
>I think the main reason for the knee-jerk criticism from the likes of Schultz is that
>they work largely in a theoretical rose-colored world of security, where all problems
>are solved after a cup of coffee and a bit of pontification.
Mr. Mullen once again has written som...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Valhalla
Valhalla
Gene:
That is simply not true. There are many excellent security people who hang out at Hammer of God, and many of us worked with Tim when he first developed Hackback. I remember your comments in News Bites, and remember thinking WTF as you were not even in Vegas. I even asked Tim if you had re...
[ more ] [ reply ]
That is simply not true. There are many excellent security people who hang out at Hammer of God, and many of us worked with Tim when he first developed Hackback. I remember your comments in News Bites, and remember thinking WTF as you were not even in Vegas. I even asked Tim if you had re...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-14
Anonymous (2 replies)
Anonymous (2 replies)
Mr Mullins; you say that the owner of the system is responsible for patching the O/S etc to prevent infection and other malware. I say it is up to the software developers (& I r 1) to ensure that there are a lot less reasons system owners NEED to patch the software in the first place. Why should I s...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
I would go even further...
"Since the owner of a system has no responsibility for the actions of a worm, or any malicious process, that runs without their knowledge, I submit that they also have no rights to the process. No responsibility means no rights." Good, except that the user does not own ...
[ more ] [ reply ]
"Since the owner of a system has no responsibility for the actions of a worm, or any malicious process, that runs without their knowledge, I submit that they also have no rights to the process. No responsibility means no rights." Good, except that the user does not own ...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous (1 replies)
Anonymous (1 replies)
Software will always have bugs, you cant expect a perfect release on time, every time. But, a resposible software house will release patches for when the problems are found. ...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
Yes, but we are already seeing (and have been seeing for some time) "patch overload".
Like 'the boy who cried wolf', there are so many patches for so many different bits of software that your average user has had enough. Once = "good I will apply it", twice = "you could have fixed this in the las...
[ more ] [ reply ]
Like 'the boy who cried wolf', there are so many patches for so many different bits of software that your average user has had enough. Once = "good I will apply it", twice = "you could have fixed this in the las...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-14
HalbaSus
HalbaSus
Most of those working in the security field (or not) did used some sort of strikeback tehniques...
For example a few months ago due to a disagreement on a IRC channel some guy started flooding me from a linux with vulnerable SSL... it wasn't his machine... he hacked it in order to use it for DoS...
[ more ] [ reply ]
For example a few months ago due to a disagreement on a IRC channel some guy started flooding me from a linux with vulnerable SSL... it wasn't his machine... he hacked it in order to use it for DoS...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-14
Anonymous
Anonymous
good idea; I therefore hereby post an amendment to RFC9999: Malware Standards 2003
"All Malware must respond to the following strings on any given port that it binds to:
[1] PLSSTPATKINGME (Please Stop Attacking Me): Add source address to list of "do not attack" hosts
[2] TERM (Terminate): ...
[ more ] [ reply ]
"All Malware must respond to the following strings on any given port that it binds to:
[1] PLSSTPATKINGME (Please Stop Attacking Me): Add source address to list of "do not attack" hosts
[2] TERM (Terminate): ...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-14
pjf@thinkage.ca (1 replies)
pjf@thinkage.ca (1 replies)
English common law, used in the UK, US, Canada, etc has always had the concept of necessity. You are allowed to do anything that is necessary, even if it is against the law to prevent a greater evil from being done. This is where killing is self defence comes from. If you can convince the
jury (or ...
[ more ] [ reply ]
jury (or ...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-14
Anonymous
Anonymous
Questions raised in my mind by all three of the "Strikeback" bits seem to amount to:
0. is "strikeback" purely reactive, or might it eventually be implemented proactively?
1. what is a malicious process, and who decides? (commercial mass e-mailers, perhaps? what about commercial webservers tha...
[ more ] [ reply ]
0. is "strikeback" purely reactive, or might it eventually be implemented proactively?
1. what is a malicious process, and who decides? (commercial mass e-mailers, perhaps? what about commercial webservers tha...
[ more ] [ reply ]
MULLEN'S A KOOK
2003-01-14
Soum YnonA (1 replies)
Soum YnonA (1 replies)
forgetta about him always has been always will be just looking for attetiton silly KOOK...
[ more ] [ reply ]
[ more ] [ reply ]
MULLEN'S A KOOK
2003-01-15
Anonymous (1 replies)
Anonymous (1 replies)
Isn't this like smacking the neighbor's kid for mouthing off?
2003-01-14
Anonymous (7 replies)
Anonymous (7 replies)
Think about it. The neighbor's kid says something nasty to you, you pimp-slap him silly. Do you have that right? No. You'd go to jail. What makes this any different? I don't give anyone the "right" to hack me back just to turn off some trojan, or give them the right to nuke my POP3 server. This is n...
[ more ] [ reply ]
[ more ] [ reply ]
No, it's like shooting your neighbor's dog who ruthlessly attacking someone.
2003-01-15
P. Hofmeister (1 replies)
P. Hofmeister (1 replies)
Are bandwidth and CPU power unlimited commodities for you? If so I would hope you would kindly share some with me. Some small sites running on modest machines with modest bandwidth can't reasonably handle a few thousand hits a day from worm-infected machines....
[ more ] [ reply ]
[ more ] [ reply ]
No, it's like shooting your neighbor's dog who ruthlessly attacking someone.
2003-01-16
Anonymous
Anonymous
"No, it's like shooting your neighbor's dog who ruthlessly attacking someone."
Here's the problem with that anaolgy... I had a neighbor whose son was attacked my a rottweiler in his own yard. The rottweiler belonged to another neigbor (a couple of houses away). This dog had attacked others before...
[ more ] [ reply ]
Here's the problem with that anaolgy... I had a neighbor whose son was attacked my a rottweiler in his own yard. The rottweiler belonged to another neigbor (a couple of houses away). This dog had attacked others before...
[ more ] [ reply ]
Isn't this like smacking the neighbor's kid for mouthing off?
2003-01-15
Anonymous
Anonymous
No, this is like smacking the neighbors kid when he keeps coming over into your yard and trying to beat up your kids.
I don't see anything wrong with it - if you've got an unauthorized process on your machine wandering around the net attacking people, why shouldn't it get a bullet to the head?
...
[ more ] [ reply ]
I don't see anything wrong with it - if you've got an unauthorized process on your machine wandering around the net attacking people, why shouldn't it get a bullet to the head?
...
[ more ] [ reply ]
Isn't this like smacking the neighbor's kid for mouthing off?
2003-01-15
Anonymous
Anonymous
Where i grew up, this was the normal.. I'd have plenty of adults around, my parents or not to keep me in line. The law is broken on install.
There is no question to if the law is faulty or not, it simply is, made by man, and imperfect. Understanding where the line is drawn for what is "right"...
[ more ] [ reply ]
There is no question to if the law is faulty or not, it simply is, made by man, and imperfect. Understanding where the line is drawn for what is "right"...
[ more ] [ reply ]
Isn't this like smacking the neighbor's kid for mouthing off?
2003-01-16
Anonymous (1 replies)
Anonymous (1 replies)
Actaully, it's more like there's a rabid dog running around in your neighbor's front yard. It doesn't belong to your neighbor and it's somewhat dangerous. The neightbor's not really responsible for the dog, though if he lets it run around long enough he will be. However, if you go and get your sh...
[ more ] [ reply ]
[ more ] [ reply ]
Isn't this like smacking the neighbor's kid for mouthing off?
2003-01-23
Dr. Vesselin Bontchev
Dr. Vesselin Bontchev
> Actaully, it's more like there's a rabid dog running
> around in your neighbor's front yard. It doesn't belong
> to your neighbor and it's somewhat dangerous. The
> neightbor's not really responsible for the dog, though if
> he lets it run around long enough he will be. However, if
> you go a...
[ more ] [ reply ]
> around in your neighbor's front yard. It doesn't belong
> to your neighbor and it's somewhat dangerous. The
> neightbor's not really responsible for the dog, though if
> he lets it run around long enough he will be. However, if
> you go a...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Ronald
Ronald
And what happens when your strikeback of my infected server is deemed to be an attack by my IDS. Do I, the owner of the server, have the right to launch my own strikeback against the strikeback...
Soon the Internet grinds to a halt due to a self imposed DoS of strikeback packets.
As many othe...
[ more ] [ reply ]
Soon the Internet grinds to a halt due to a self imposed DoS of strikeback packets.
As many othe...
[ more ] [ reply ]
NIMBDA - bad example
2003-01-15
Anonymous
Anonymous
Any strikeback technique would NOT have worked against Nimbda (or any other work or virus) until after the virus was out, and someone knew enough about it to write some sort of strike back code.
Assuming you can do this pretty quickly, I would hope you would patch your system to protect AGAINST t...
[ more ] [ reply ]
Assuming you can do this pretty quickly, I would hope you would patch your system to protect AGAINST t...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
If your neighbour goes beserk and starts taking pot shots out his window (including at your house) what do you do? People are dying on the street as you watch. Do you call the police and watch the carnage from your balcony or grab your gun and take him out? After all you have the bullet holes in you...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
k.lichtenwalder@computer.org
k.lichtenwalder@computer.org
> If parents don't vaccinate their children, the state takes > them out of school. If a dog consistently attacks people,
> the authorities put it down. If someone commits three
> felonies, they are put away for life. This is because the
> rights of the many outweigh the rights of the one.
>
> ...
[ more ] [ reply ]
> the authorities put it down. If someone commits three
> felonies, they are put away for life. This is because the
> rights of the many outweigh the rights of the one.
>
> ...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
pha153
pha153
much as i like the idea of being able to disarm any threat to my systems without prior authority from the perpetrator, I cannot bring myself to condone these actions. I see dozens of mails to my company from DOS attacks using spoofed address space and I get the flak from all the sysadmins not lookin...
[ more ] [ reply ]
[ more ] [ reply ]
ISP's should be held responsible for their users!
2003-01-15
Anonymous
Anonymous
The only way to really fix this, and fix it good, is if ISP's
lose the ability to claim "common carrier" status, and are
held legally accountable for the actions of their users.
Seriously... do you think that companies like Roadrunner
and PacBell will still ignore abuse complaints if they
su...
[ more ] [ reply ]
lose the ability to claim "common carrier" status, and are
held legally accountable for the actions of their users.
Seriously... do you think that companies like Roadrunner
and PacBell will still ignore abuse complaints if they
su...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Dan
Dan
In my experience as an end-user (and not an admin), viruses online are pretty well equivalent to real life viruses.
So... if you find someone with a cold (that you obviously are taking great care to avoid), should you have the right to inject them with a syringe to kill their virus and protect yo...
[ more ] [ reply ]
So... if you find someone with a cold (that you obviously are taking great care to avoid), should you have the right to inject them with a syringe to kill their virus and protect yo...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
The sad part is that some people actual think this is a good idea.
What part of strikeback is going to prevent the offending system from being re-infected and attacking you again?
My two cents:
If you THINK a system is attacking you, then you report it to your ISP. Your ISP does it's job a...
[ more ] [ reply ]
What part of strikeback is going to prevent the offending system from being re-infected and attacking you again?
My two cents:
If you THINK a system is attacking you, then you report it to your ISP. Your ISP does it's job a...
[ more ] [ reply ]
Striking Back
2003-01-15
Peter Schultz
Peter Schultz
Although I share the same surname as Eugene Schultz, I do not agree with his point of view. I don't even see a move like this as a black hat hacker think to do. In fact, I would say you were doing a good deed. It is quite unfriendly to be peppered with this malicious network activity and anyone p...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Ryan Weaver
Ryan Weaver
What it boils down to is this: Do you want an individual that you have no way of knowing what their actual motives are, given the right to enter your computer with the purpose (or pretense) of killing a process for which that individual feels is repeatedly attacking thier systems?...
A person mig...
[ more ] [ reply ]
A person mig...
[ more ] [ reply ]
3 strikes
2003-01-15
Jeremiah Blatz
Jeremiah Blatz
"If someone commits three felonies, they are put away for life."
Of course, this is a horrible law, mostly used to imprison non-violent criminals. It's worht pointing out that the family for whom this law was passed (their daughter was killed by a repeat sexual offender on parole) is actively cam...
[ more ] [ reply ]
Of course, this is a horrible law, mostly used to imprison non-violent criminals. It's worht pointing out that the family for whom this law was passed (their daughter was killed by a repeat sexual offender on parole) is actively cam...
[ more ] [ reply ]
Strikeback, Part Deux -- vacinations
2003-01-15
Anonymous (1 replies)
Anonymous (1 replies)
> If parents don't vaccinate their children, the state takes > them out of school.
Actually. This isn't true. No one can force you to vaccinate your children because vaccines can and often do cause death and/or serious injury. Making something compulsory makes one liable for damage done by t...
[ more ] [ reply ]
Actually. This isn't true. No one can force you to vaccinate your children because vaccines can and often do cause death and/or serious injury. Making something compulsory makes one liable for damage done by t...
[ more ] [ reply ]
Strikeback, Part Deux -- vacinations
2003-01-23
Dr. Vesselin Bontchev
Dr. Vesselin Bontchev
> No one can force you to vaccinate your children because
> vaccines can and often do cause death and/or serious
> injury.
You are mistaken. Someone can. Read carefully the Homeland Security Act. Check with a laywer about the laws of your state, if you live in the USA. If the US government has ...
[ more ] [ reply ]
> vaccines can and often do cause death and/or serious
> injury.
You are mistaken. Someone can. Read carefully the Homeland Security Act. Check with a laywer about the laws of your state, if you live in the USA. If the US government has ...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
I note that many of the comments, including most of the hostile ones, clearly indicate that the posters have not bothered to read the original article. In many cases, they appear to be reacting purely to the single word "strikeback", and arguing as if the original proposal was for a no-holds-barred...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
This is no way to protect the security of your system, it only promotes anarchy and fear in the online community.
However, it IS a good way to cement your job as a security advisor, should the situation it promotes come to pass... (always ask "who benefits?")
There is no reason beyond politic...
[ more ] [ reply ]
However, it IS a good way to cement your job as a security advisor, should the situation it promotes come to pass... (always ask "who benefits?")
There is no reason beyond politic...
[ more ] [ reply ]
CounterAttacking is your right
2003-01-15
Anonymous
Anonymous
By having a program analyze your web logs for attacks like Nimda, then automaticlly launching a counter attack that in essence "neutralizes" the attacking machine, you are doing the internet community a valuable service.
I agree that at the outset of Nimda, a program like this would probably have...
[ more ] [ reply ]
I agree that at the outset of Nimda, a program like this would probably have...
[ more ] [ reply ]
They just don't get it, do they?
2003-01-15
Concerned Netizen
Concerned Netizen
It seems that many of the negative responders have never looked at a packet dump of the junk that goes through their network connection. If they had, they'd see a lot of nimba/code red attacks using up the finite bandwidth. Because these attacks generally target "neighbor" IP blocks, it is usually...
[ more ] [ reply ]
[ more ] [ reply ]
Your "Right" is Wrong
2003-01-15
Anonymous
Anonymous
or two wrongs don't make a "Right".
Mr. Mullen's passionate plea for tools to fight "attacks" on his systems really strikes a chord with me and many others. Life is unfair. Mr. Mullen longs for a way to make it more fair. Unfortunately, he schemes to make it "more fair" for himself by being un...
[ more ] [ reply ]
Mr. Mullen's passionate plea for tools to fight "attacks" on his systems really strikes a chord with me and many others. Life is unfair. Mr. Mullen longs for a way to make it more fair. Unfortunately, he schemes to make it "more fair" for himself by being un...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
I have to admit, I have similar inclinations to Mullen. I would never go after an innocent system running a worm, I have, however retrieved info off of hackers systems, and used that info to deter them. This if find is quite successfull. Whether or not I would shut down the offending system depen...
[ more ] [ reply ]
[ more ] [ reply ]
Examples are flawed.
2003-01-15
Bob James
Bob James
Others have written extensively about the legal ramifications of strikeback, and of the implied need of an official body to perform them. However, the author is using three examples at the end that are flawed.
First, the vaccine issue: In many states, there are exemptions to the vaccine rules. He...
[ more ] [ reply ]
First, the vaccine issue: In many states, there are exemptions to the vaccine rules. He...
[ more ] [ reply ]
No Automation
2003-01-15
Jeff Licquia
Jeff Licquia
If automated strikeback systems become commonplace, hackers will choose a new target: upstream routers.
Own the router, and you own the downstream network connection. You can then fake an "attack" that looks like it's coming from some poor schmuck, but is really coming from the router itself. T...
[ more ] [ reply ]
Own the router, and you own the downstream network connection. You can then fake an "attack" that looks like it's coming from some poor schmuck, but is really coming from the router itself. T...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
From the article:
If parents don't vaccinate their children, the state takes them out of school. If a dog consistently attacks people, the authorities put it down. If someone commits three felonies, they are put away for life. This is because the rights of the many outweigh the rights of the one. ...
[ more ] [ reply ]
If parents don't vaccinate their children, the state takes them out of school. If a dog consistently attacks people, the authorities put it down. If someone commits three felonies, they are put away for life. This is because the rights of the many outweigh the rights of the one. ...
[ more ] [ reply ]
so why don t you claim the right to shoot dogs too ?
2003-01-15
Anonymous (1 replies)
Anonymous (1 replies)
and the right to drag kids out of school. That s a bit low tech, but you could get your kicks from that too !
If the cops don t catch the burglars, it doesn t make it right for you to do it intead of them. Democracy is what slipped out of your brains when you wrote that piece. It could be that ...
[ more ] [ reply ]
If the cops don t catch the burglars, it doesn t make it right for you to do it intead of them. Democracy is what slipped out of your brains when you wrote that piece. It could be that ...
[ more ] [ reply ]
I do claim the right to shoot dogs
2003-01-15
Bob
Bob
If I'm being attacked by a rabid dog then sure I'm going to shoot it (and to hell with its owner who failed to vaccinate it and keep it fenced in.) I think I'd be completely within my rights AND I also think that the dog's owner would likely be facing city fines AND I'd be in a position to sue him....
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux Star Trek Redux?
2003-01-15
Anonymous
Anonymous
I'm surprised no one picked up on Mr. Mullen's use of
Spock's "The needs of the many outweigh the needs of the one"...
Certainly I prefer Kirk's "The needs of the one outweigh the needs of the many" response.
Reduced to it's simplest non-geek form, society bears the burden of it's weakest membe...
[ more ] [ reply ]
Spock's "The needs of the many outweigh the needs of the one"...
Certainly I prefer Kirk's "The needs of the one outweigh the needs of the many" response.
Reduced to it's simplest non-geek form, society bears the burden of it's weakest membe...
[ more ] [ reply ]
security = ethics
2003-01-15
Anonymous
Anonymous
there is a balance between the security you gain and the security you sacrifice. The respect for privacy and freedom is other's security in itself. Security is not bound to dataprocessing systems, but to people. The machine doesn t need security, the users do. When you destroy more of users' securit...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous
Anonymous
It's probably been said before, but if it has, it deserves repeating. Your analogy of 3 strikes for a felon is completely incorrect. You're leaving out a very important, the most important part. Felons get a trial for each and every act. We don't get to automatically say "Hey you've committed th...
[ more ] [ reply ]
[ more ] [ reply ]
We need 2 internets, 1 for the safe and 1 for the dumb
2003-01-15
Ryan N.
People who oppose strikeback are the same type of folks that believe some government authority will be there to hug them, tell them everything will be OK, and put their lives back together. People who are FOR strikeback are the types that believe in self-reliance.
We need some alternate interne...
[ more ] [ reply ]
Ryan N.
People who oppose strikeback are the same type of folks that believe some government authority will be there to hug them, tell them everything will be OK, and put their lives back together. People who are FOR strikeback are the types that believe in self-reliance.
We need some alternate interne...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
Anonymous (1 replies)
Anonymous (1 replies)
I am one of the "operational" security experts Mr. Mueller is talking about. I work "in the trenches" every day, and yes we get hit with every worm, virus, script kiddie, you name it day in and day out. I am definitely in the "real world", and my opinion is that "strike back" will not work.
F...
[ more ] [ reply ]
F...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-16
Anonymous
Anonymous
You say:
"I am one of the "operational" security experts Mr. Mueller is talking about." I am sorry to say, but I just don't believe you. If you really were, you would not say something like "contact the ISP" 'cause you would know that does absolutely nothing!
To say that it is illegal and "m...
[ more ] [ reply ]
"I am one of the "operational" security experts Mr. Mueller is talking about." I am sorry to say, but I just don't believe you. If you really were, you would not say something like "contact the ISP" 'cause you would know that does absolutely nothing!
To say that it is illegal and "m...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-15
M. Durrant
M. Durrant
Silly burglar arguments aside, here it the best metaphor:
Your neighbor's sprinkler system has been inadvertently modified by a passing animal and it is now directing the full stream of it's force onto your yard, including your prize-winning tulips. As opposed to waiting for your neighbor to retu...
[ more ] [ reply ]
Your neighbor's sprinkler system has been inadvertently modified by a passing animal and it is now directing the full stream of it's force onto your yard, including your prize-winning tulips. As opposed to waiting for your neighbor to retu...
[ more ] [ reply ]
Strikeback - Think b4 you dump
2003-01-15
Dimitris (1 replies)
Dimitris (1 replies)
Hey!
Sit back, read my text & think about it for a minute.
We live in a democratic society, where the right of many outwieghs the right of the few. to make my point clearer, consider for a minute that each of our computers is our land complete with house, parking space, dogs, etc.
Now, if a ...
[ more ] [ reply ]
Sit back, read my text & think about it for a minute.
We live in a democratic society, where the right of many outwieghs the right of the few. to make my point clearer, consider for a minute that each of our computers is our land complete with house, parking space, dogs, etc.
Now, if a ...
[ more ] [ reply ]
Strikeback - Think b4 you dump
2003-01-16
Anonymous
Anonymous
What do you do if the malicious virus has taken over a legitimate process? Say, the web server? Now when Mr. Mullen kills the virus process, he also kills my web server. Can I hold him responsible for money lost while my corporate web server was not up?
I'm all for stopping viruses (seems like...
[ more ] [ reply ]
I'm all for stopping viruses (seems like...
[ more ] [ reply ]
The rule of Law
2003-01-16
Anonymous
Anonymous
What is proposed under "strikeback" is pure vigilantism.
You should NOT be allowed to trespass. (entering a
computer over which you have no authority is trespassing)
You should NOT be allowed to cause damage to other's
property, even if you perceive it to be causing damage
to your property...
[ more ] [ reply ]
You should NOT be allowed to trespass. (entering a
computer over which you have no authority is trespassing)
You should NOT be allowed to cause damage to other's
property, even if you perceive it to be causing damage
to your property...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-16
Anonymous
Anonymous
All of your nice examples concerning various pets, bodily functions, and self defense are nice and all.
Self defense may be the best argument, however self defense must satisfy several difficult criteria to be legal - is there immediate danger to life and limb? Did the "victim" try to resolve ...
[ more ] [ reply ]
Self defense may be the best argument, however self defense must satisfy several difficult criteria to be legal - is there immediate danger to life and limb? Did the "victim" try to resolve ...
[ more ] [ reply ]
Strikeback, Part Deux - Biological Hackback!
2003-01-16
kevmit (1 replies)
Hey! I have a "great" idea. A coworker came to work today with a nasty cold. All day long he's been coughing and spewing his "germ packets" all over the place with no regards for other biological systems. He is obviously displaying a lack of knowledge regarding disease transmission vectors...the ...
[ more ] [ reply ]
kevmit (1 replies)
Hey! I have a "great" idea. A coworker came to work today with a nasty cold. All day long he's been coughing and spewing his "germ packets" all over the place with no regards for other biological systems. He is obviously displaying a lack of knowledge regarding disease transmission vectors...the ...
[ more ] [ reply ]
Strikeback, Part Deux - Biological Hackback!
2003-01-17
Not Kevin
Not Kevin
What a wonderfully irrelevant anology! What's next, saying that if someone has HIV that we can use a flamethrower on them? It is about as applicable.
And stop posting under "kevmit" as if you want us to think you are someone you are not. Kev would never say something so worthless.
...
[ more ] [ reply ]
And stop posting under "kevmit" as if you want us to think you are someone you are not. Kev would never say something so worthless.
...
[ more ] [ reply ]
You shoot them...they shoot you back?
2003-01-17
Anonymous (1 replies)
Anonymous (1 replies)
In an analogy, a dog is the critical computer process, you are a farm hand on a farm. A neighbor shoots your owners dog from off of your property, hiding somewhere in the woods with a high power rifle. You get your shotgun and cross the neighbors property line, armed, and looking to 'neutralize' t...
[ more ] [ reply ]
[ more ] [ reply ]
You shoot them...they shoot you back?
2003-01-18
Johnny Ringo
Johnny Ringo
OK, I am officially freaked out now. This is where it get's scary. I mean like, frightening. Even if I tried to make something up that was wacked out on purpose, I could not reach this level of insanity. Most of the other analogies are so far over the top that they are funny to read- but for you...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-20
Anonymous (1 replies)
Anonymous (1 replies)
I think it's a great idea and that it would not have any significant security risks since all Microsoft computers are wide open anyway.
I sure would like a way to shut Microsoft systems down, that would really make the internet a safer place for all of us.
/Muhahaha...
[ more ] [ reply ]
I sure would like a way to shut Microsoft systems down, that would really make the internet a safer place for all of us.
/Muhahaha...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-20
Anonymous (1 replies)
Anonymous (1 replies)
You obviously know nothing about how to secure a Microsoft server. You must be one of those MS admins that leave their IIS wide open to get nailed by Nimda; then blame it on Microsoft when something happens.
If you don't know how to secure your box, don't assume everyone else doesn't. That goes f...
[ more ] [ reply ]
If you don't know how to secure your box, don't assume everyone else doesn't. That goes f...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-21
Anonymous (2 replies)
Anonymous (2 replies)
Funny that you get so angry from something that obviously was a joke. You MS admins sure must be under a lot of pressure.
However, I do take offense to you accusing *me* of being an MS admin. :)...
[ more ] [ reply ]
However, I do take offense to you accusing *me* of being an MS admin. :)...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-21
Anonymous
Anonymous
nah... we just have to put up with *nix admins who think they know everything; but when you engage them in a constructive conversation regarding security or centralized administration they fall apart because of their lack of experience in the real world. ;)
I would never accuse you of being an MS...
[ more ] [ reply ]
I would never accuse you of being an MS...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-22
Anonymous (1 replies)
Anonymous (1 replies)
Grow up. All OS's are all just as insecure if you don't know how to secure them. If you need "strike back" as your means to "shut down" a Win32 machine, then you should not be in system security, and you should not be posting here. ...
[ more ] [ reply ]
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-23
Anonymous (1 replies)
Anonymous (1 replies)
Strikeback is not a means of shutting down a Win32 machine (and from what I understand, it is not OS specific either). It is a means of addressing a serious problem, and I think the presentation has merit.
At least he is constructively addressing the problem while you children argue over Linux...
[ more ] [ reply ]
At least he is constructively addressing the problem while you children argue over Linux...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-24
Anonymous
Anonymous
"At least he is constructively addressing the problem while you children argue over Linux vs. Windows."
I agree, Windows 2000/03 is far superior, so stop trying to prove otherwise.
As for Mullen, he is one of Sec. focus's more realistic and gifted security specialists/writers. Your ideas alway...
[ more ] [ reply ]
I agree, Windows 2000/03 is far superior, so stop trying to prove otherwise.
As for Mullen, he is one of Sec. focus's more realistic and gifted security specialists/writers. Your ideas alway...
[ more ] [ reply ]
Strikeback, Part Deux
2003-01-22
Anonymous
Anonymous
I have to say there is two avenues of thinking here. One in which we are basically saying, fight fire with fire. If they are stealing your ideas, hard work, then use whatever means there is to shut them down, even if its under of the guise of ethical hacking, which honestly it isn't.
Secondly, t...
[ more ] [ reply ]
Secondly, t...
[ more ] [ reply ]
Rights and defenses
2003-01-23
Dr. Vesselin Bontchev (1 replies)
Dr. Vesselin Bontchev (1 replies)
Yes, it's a controversial issue.
I am an expert in the computer virus field and I have had pretty much the same argument with my fellow anti-virus experts. I essentially support Tim's idea. Sadly, most other security experts do not.
OK, what I support is slightly different. I am not advocating...
[ more ] [ reply ]
I am an expert in the computer virus field and I have had pretty much the same argument with my fellow anti-virus experts. I essentially support Tim's idea. Sadly, most other security experts do not.
OK, what I support is slightly different. I am not advocating...
[ more ] [ reply ]
Rights and defenses
2003-01-24
Anonymous (1 replies)
Anonymous (1 replies)
Pure bunk. In your mind and in the mind of only a few who eek out a living rummaging throught the childish code of 10 year olds, you're an expert. You're not an expert I AM!
Come near my machine Mr. Self-Appointed EXPERT, you see what type of expert I am....
[ more ] [ reply ]
Come near my machine Mr. Self-Appointed EXPERT, you see what type of expert I am....
[ more ] [ reply ]
Legalities
2003-01-23
Anonymous
Anonymous
All those real-life legal analogies are flawed in one common way.
In a lawful world, you have legal authorities you can normally resort to. If somebody is invading your home, you can call the police. In such an environment, limiting the power to strike back to the authorities makes sense.
Hell...
[ more ] [ reply ]
In a lawful world, you have legal authorities you can normally resort to. If somebody is invading your home, you can call the police. In such an environment, limiting the power to strike back to the authorities makes sense.
Hell...
[ more ] [ reply ]
You are already lost
2003-01-24
Anonymous
Anonymous
If you think that you are not responsible for the activity that takes place on your server. If you host a warez or kiddie pr0n ring then YOU are going to jail - EVEN IF YOU'RE CLUELESS! Same thing goes (IMHO) for hosting a malicious process. But we don't jail idiots for that. So think of strike ...
[ more ] [ reply ]
[ more ] [ reply ]
Like Lamo, who is noto...
[ more ] [ reply ]