Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
The Right to Defend
Tim Mullen, 2002-07-29

Is it criminal to reach out and hack an infected machine that's attacking your network?

Comments Mode:
The Right to Defend 2002-07-29
Anonymous (10 replies)
The Right to Defend 2002-07-29
Anonymous (1 replies)
The Right to Defend 2002-08-01
Anonymous (3 replies)
The Right to Defend 2002-08-01
Anonymous (1 replies)
The Right to Defend 2002-08-05
Anonymous
The Right to Defend 2002-08-06
Anonymous
The Right to Defend 2002-08-07
moleculem@t
The Right to Defend 2002-07-29
Anonymous (1 replies)
The Right to Defend 2002-07-30
Anonymous
The Right to Defend 2002-07-29
Anonymous
The Right to Defend 2002-07-31
Kruse (1 replies)
The Right to Defend 2002-08-01
Anonimouse
The Right to Defend 2002-07-31
Anonymous
The Right to Defend 2002-07-31
William Stone, III
The Right to Defend 2002-08-01
Anonymous
The Right to Defend 2002-08-05
Anonymous
this makes no sense 2002-08-07
Anonymous
The Right to Defend 2002-08-08
Anonymous
The Right to Defend 2002-07-29
Anonymous
The Right to Defend 2002-07-29
Anonymous
Happened with Code Red 2... 2002-07-29
Nicholas Weaver
The Right to Defend 2002-07-29
Matthew Waddell (3 replies)
The Right to Defend 2002-07-30
Anonymous
The Right to Defend 2002-07-31
J. J. Horner (1 replies)
More Misinformation 2002-08-07
Anonymous 3 Letter Agency
Misinformation 2002-08-07
Anonymous 3 Letter Agency
Every single thing you say here is wrong.
For one, Mullen does not talk about random hack-backs. His Blackhat presentation was the best of the entire conference. He convinced many people, some in my agency, that this is actually viable. There is alot of talk about it internally.

If you research a bit, you will see that a 3 way handshake, required for CR and Nimda, cannot be easily spoofed. Machines attacking with Nimda or CR are easily identifiable. Mullen's technique also leaves the system fully functional- this amazed me. He uses the worm code against itself to stop it from attacking other boxes. Nothing else is effected. He demo'd it.

I firmly believe that this process will be utilized in the future.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/98/16091#16091
Wanna be a cowboy 2002-07-29
Me (2 replies)
Wanna be a cowboy 2002-07-30
Anonymous
Wanna be a cowboy 2002-07-31
Anonymous
Responisbility for abetting a crime 2002-07-29
Anonymous (2 replies)
Responisbility for abetting a crime 2002-07-30
Anonymous
Responisbility for abetting a crime 2002-07-30
Anonymous
The Right to Defend 2002-07-29
Anonymous
The Right to Defend 2002-07-29
Anonymous
The Right to Defend 2002-07-30
Anonymous
The Right to Defend 2002-07-30
Anonymous
The Bigger Picture 2002-07-30
Anonymous
The Right to Defend 2002-07-30
Anonymous
The Right to Defend 2002-07-30
Anonymous (1 replies)
The Right to Defend 2002-07-30
Anonymous
Opening a new can of worms...... 2002-07-30
kiwi
The Right to Defend 2002-07-30
Mel
The Right to Defend 2002-07-30
Hamster1
Killing a mosquito with a cannon? 2002-07-31
S Guy
What about the the rights of the entertainment industry? 2002-07-31
Brian Erdelyi (1 replies)
What about the the rights of the entertainment industry? 2002-07-31
William Stone, III (1 replies)
What about the the rights of the entertainment industry? 2002-08-05
Brian Erdelyi
The Right to Defend 2002-07-31
Anonymous
The Right to Defend 2002-08-01
Anonymous
The Right to Defend 2002-08-03
sceptic
The Right to Defend 2002-08-04
Itdincor
The Right to Defend 2002-08-05
State Admin (1 replies)
The Right to Defend 2002-08-06
Anonymous sysadmin
The Right to Defend-why not nukes? 2002-08-05
Anonymous
Here here! 2002-08-06
Anonymous (1 replies)
Here here! 2002-08-06
Astrix
The Right to Defend 2002-08-08
IV
The Right to Defend to a degree... 2002-08-09
Scott







 

Privacy Statement
Copyright 2009, SecurityFocus