[Dshield] Firewall that bites back??? Addendum

Alberto Gonzalez ag-dshield at cerebro.violating.us
Wed Nov 20 19:45:36 GMT 2002

IMO, deception is a nice way to go, tools like honeyd[1] and bigeye[2] 
are great to play with. I personally wouldn't like to tick
an intruder off, because just in case of that "what if". Though there is 
a what-if with everything related to security, but
what can ya do? even life has risks.


    - Albert

[1] - http://www.citi.umich.edu/u/provos/honeyd/
[2] - http://violating.us/projects/bigeye/

Richard Porter wrote:

>But where do you draw the line at active defense and deception? I would
>prefer to make the enemy think that my webserver is an IIS 5.0 when it
>is actually apache or vice versa. This drives them crazy and allows you
>to have a little fun in the defense process!

The secret to success is to start from scratch and keep on scratching.

More information about the list mailing list