> Just a thought, but has anyone addressed the issue of proactive
> countermeasures? For example if one detects a sequential probe of one's
> tcp or udp ports, what would prevent one from firing back a couple of
> hundred thousand 1500 byte packets to the sender? (assuming adequate
That's just being a jerk. Clogging up other people's pipe just because
you're getting groped by some ueberhacker is just A Bad Idea.
> I know some systems, like Raptor, let you send back a nag-o-gram mail
> message, but what about active reponses?
Or Fred Cohen's patented eccentricWare(tm). :-)
> Any thoughts or discussion? Any sample PERL scripts or code?
A better idea is just to let humans do the nasty follow up work, instead
of allowing weekend pseudo-AI perl scripts fire off nasties based on some
crummy heuristics. Unfortunately, just because the bonehead admin on the
other network didn't have time to fix last yea'rs RPC holes doesn't make
proactive attack responses a good idea.
> Noel Morgan
> Sr. Systems Engineer
> AmeriData Inc.
> Assigned to Calif. Dept. of General Services
> Office of Information Services
o Herr Llama <llama @
com> t "Then the chair runs right t
o http://www.randomc.com/~llama t up to my bed and jumps in. t
o \|/ ____ \|/ t And I make love to the t
o @~/ ,. \~@ Just another VHDL t wooden chair. It was uncom t
o /_( \__/ )_\ hacker. t fortable. It hurt." t
o \__U_/ t -- Yevgeny Zamyatin t