Re: [ISN] Software Hits Back at Hacker with Viruses

From: mea culpa <jericho_at_dimensional.com>
Date: Mon 01 Jun 1998 - 16:20:00 CDT
Reply From: "John Q. Public" <tpublic@dimensional.com>

|Reply From: William T Wilson <fluffy@dunadan.com>
|
|>  system as retaliation. Of course, that is if any of this exists which
|>  I highly doubt (and certainly hope doesn't exist).]
|
|It doesn't, let's see why.

[clipped]

|> The administrator has the option of asking the sentries to track the
|> path of the data and identify its source. Then he can decide on the
|> ultimate revenge and have the sentries gain entrance to the hacker's
|> computer and plant a virus.
|
|It is, of course, impossible to track the path of incoming data or to
|identify its source reliably.  It is also impossible to automatically
|"gain entrance to the hacker's computer and plant a virus."  Even if it
|were possible it would be against the law.

True all the way, but it would be possible to give them something ELSE than
what they intended to download.  It would be more of a trap, but how about
a symbolic link (or just a renamed copy, if you will) for the file found 
in ~ftp/private/secret named "update.exe" which actually contains (or IS)
a virus.

[on another point:]

|We now proceed to further descriptions of the ridiculousness of this
|article.
|
|> the FBI after the software highlighted an attack from teenage hackers
|> using pornographic messages to entice staff at blue-chip companies,
|> intelligence agencies, university and military establishments to reveal
|> e-mail addresses. 
|
|Ah yes.  They sent an e-mail asking for their e-mail address.
|
|> people to get disgusted with the offer of illicit material," he says. "As
|> soon as they answered and asked to be removed, the hackers had their
|> e-mail address and the address of their host server." 
|
|There are a lot of easier ways to find someone's email address...
|subscribe to some mailing lists, or watch usenet or something.
|Notwithstanding that, you don't need to get someone to reply to your
|message to see if their address is valid.  If the message doesn't come
|back bounced, it's valid.

But often, you do not know the direct routing of email on the inside of a
firewall.  Where I work, there is an externally-available email address and
(though not often used) an internal email address.  If you were to send mail
to jsmith or bjones @somebigcompany.com you're likely to hit them.  Assuming
you've got suitable bait -- as was provided in the real-world example -- you
will also get a response.  The headers of that response will dictate the path
of the mail inside the intranet of the firewalled domain.  Not a ridiculous
idea, but perhaps not the smoothest way to go about it...

-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Mon Jun 1 17:50:28 1998
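
The last reply's point about response headers, as an added example that is not part of the original messages: a Python check a mail administrator could run on an outgoing reply to see which Received hops disclose internal hostnames or RFC 1918 addresses before the message leaves the gateway. The sample message, the hostnames, the addresses and the ".internal" suffix are constructed assumptions.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample reply leaving a firewalled domain; all names and addresses are made up.
SAMPLE_REPLY = """\
Received: from gw.somebigcompany.example (gw.somebigcompany.example [203.0.113.10])
\tby mx.outside.example with ESMTP; Mon, 1 Jun 1998 16:05:02 -0500
Received: from hub1.corp.internal (hub1.corp.internal [10.1.2.3])
\tby gw.somebigcompany.example with SMTP; Mon, 1 Jun 1998 16:05:01 -0500
Received: from jsmith-pc.eng.corp.internal ([192.168.14.77])
\tby hub1.corp.internal with SMTP; Mon, 1 Jun 1998 16:05:00 -0500
From: jsmith@somebigcompany.example
To: sender@outside.example
Subject: Re: remove me

Please remove me from this list.
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
FROM_RE = re.compile(r"\bfrom\s+([A-Za-z0-9.-]+)")

def leaked_hops(raw_message, internal_suffixes=(".internal",)):
    """Return (host, ip) for each Received hop that exposes internal detail."""
    msg = message_from_string(raw_message)
    leaks = []
    for header in msg.get_all("Received", []):
        text = " ".join(header.split())        # unfold continuation lines
        from_part = text.split(" by ", 1)[0]   # sending side of the hop only
        host_m = FROM_RE.search(from_part)
        ip_m = IP_RE.search(from_part)
        host = host_m.group(1) if host_m else None
        ip = ip_m.group(1) if ip_m else None
        private = False
        if ip:
            try:
                addr = ipaddress.ip_address(ip)
                private = any(addr in net for net in RFC1918)
            except ValueError:                 # e.g. an octet above 255
                pass
        named = bool(host) and host.lower().endswith(tuple(internal_suffixes))
        if private or named:
            leaks.append((host, ip))
    return leaks

if __name__ == "__main__":
    for host, ip in leaked_hops(SAMPLE_REPLY):
        print(f"internal hop disclosed: host={host} ip={ip}")
```

Hops flagged this way are candidates for header rewriting or stripping at the outbound gateway.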