-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Paul D. Robertson [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 12, 2000 3:45 PM
> To: Steve Coleman
> Cc: Damian Gerow; [EMAIL PROTECTED]
> Subject: Re: FW: Redirecting closed port connections
>
>
> On Fri, 12 May 2000, Steve Coleman wrote:
>
> > This reminded me I a somewhat (legally) flawed idea I had
> in the past
> > which was to redirect all the probes back at the host that they were
> > coming from. This way the perpetrator would be scanning the
> machine that
> > (s)he is sitting on and wasting their time trying to break
> into their
> > own system.
> >
>
> And if they're spoofing source addresses, you'll be sending
> packets at an
> innocent victim, and if they're doing the same thing...
Which is the problem with active responses. But I'm sure in a court of
law, one could maintain that if the actions taken by the attacker had
not been, the 'innocent victim' would have been unscathed.
As a note, you are legally allowed to defend (in Canada) with one level
higher of an attack as what you are being attacked with. So if someone
DoSes you, try a DDoS... ;) (but I think this won't really apply to
computers).
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBORxiifWPEBDMsfC4EQLIMwCggP1APxfRSBiFKMLSG8LzsdT08xYAn1oA
GNfIwdX5OgjsIjIWymP7OD8S
=3//6
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
