Re: [ISN] Software Hits Back at Hacker with Viruses

From: mea culpa (jerichoat_private)
Date: Mon Jun 01 1998 - 19:09:19 PDT

  • Next message: mea culpa: "Re: [ISN] Editorial - Hacker Vs. Cracker, Revisited ("

    Reply From: Kris Benson <doctorkbat_private>
    
    At 06:10 PM 01/06/98 -0600, you wrote:
    
    >> True all the way, but it would be possible to give them something ELSE
    >> than what they intended to download.  It would be more of a trap, but
    >
    >This is a reasonably good idea, but how do you get the bad guys to
    >download your trojan?  Many perpetrators of breakins don't download
    >anything at all. 
    
    Well, if you put it somewhere like:
    /private/Windows99/Updater/update.exe
    
    you would probably get a great deal of the ankle-biters and script-kiddies
    to download it.  (I'm sure we all remember the Windows97 updater -- 1.38mb
    of nothing, but it did update your startup screen)
    
    Now, I'm not sure what the statistics are, but I would imagine this would
    deter a significant portion of the cracking community -- at least after a
    few years.  With any luck the script-kiddies that were destined to become
    super-crackers would be the ones caught by this...
    
    >The internal email address should probably not be able to send or receive
    >mail from the rest of the world, otherwise it becomes not an internal
    >email address but an external address that not very many people know
    >about. 
    
    Just another example of why security by obscurity doesn't work.
    
    -kb
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:54:59 PDT