sgcccdc @
citec .
qld .
gov .
au wrote:
> > It seems that there are a very small number of crackers out there who
> > are actually writing significant new code; unfortunately for us, some
> > of them are very talented. The majority of them are running code they
> > got from somebody else, with little or no understanding of what it
> > does or how it works.
>
> If this last statement is really true, why aren't the `good guys' planting
> trojaned (sp?) sniffers or {cr,h}acking software on the BBS's or whatever
> so that as the bad guys get to work, the good guys get notified by mail or
> whatever?
>
> Even the thought that every time they pick something up means they MAY be
> notifying the good guys may cause the bad guys to think twice or at least
> make it hard to sustain attacks from a single host. Plant the seeds of
> doubt. We (good guys :-) are paranoid, why shouldn't they (bad guys) be?
This is a terribly interesting idea. hehe... I *really* like this one.
Of course, this begs several questions:
(1) What are the legal rammifications of such activity? If I were
to write a trojan cracking tool, would I be able to be accused
of criminal activity, even though I'm really a good guy?
(2) A number of us no doubt lurk in bad guy hangouts already, but
how would we be able to propogate trojan cracking tools in the
intruder community? It stands to reason that someone who knows
what he's doing will examine the code at some point, understand
what is happening, and spread the word... Maybe binary-only
distribution?
(3) Is anyone really interested in doing such a thing (assuming
that such a thing won't get the author jailed)?
(4) What does this have to do with firewalls? Nothing directly, so
please follow up to me privately on the subject...
Follow-Ups:
|
|
