Would someone please explain the benefit of retaliatory scans? As a white-hat, my responsibility is to protect our internal systems from risks (virus, hacking, spamming, stupid users). While it would be interesting to get into infowarfare, which is essentially what this is, I don't see the gain.
-----Original Message----- From: Hugo van der Kooij [mailto:[EMAIL PROTECTED] Sent: 05 March 2004 21:54 To: [EMAIL PROTECTED] Subject: Re: Nessus and Snort
On Fri, 5 Mar 2004, Jon Goode wrote:
> Has anyone considered setting up snort to detect network scans from
external
> networks, then automatically having nessus 'retaliate' a scan and post the
> results of the offending machine? Or could this loop? :)
>From a legal point of view it would be illegal in most countries. (Enforcing it is another matter but I know Dutch crackers shouldn't try poking foreign sites as some of them found out the hard way.)
>From a technical point of view it is likely you will try to hit the wrong people and effectively be part of the menace.
Hugo.
-- All email sent to me is bound to the rules described on my homepage. [EMAIL PROTECTED] http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
************************************** CONFIDENTIALITY NOTICE/DISCLAIMER
This email and any attachments are confidential, protected by copyright/intellectual property rights and may be legally privileged. If you are not the intended recipient, dissemination or copying of this email is prohibited.
If you have received this in error, please notify us by forwarding this email to the following address ( mailto:[EMAIL PROTECTED] ) and then delete the email completely from your system.
This email and any attachments have been scanned for computer viruses by a market leading anti-virus system. However, it is the responsibility of the recipient to conduct its own security measures. No responsibility is accepted by Markel International Ltd. and/or its subsidiaries/service companies for loss or damage arising from the receipt or use of this email and any attachments.
No responsibility is accepted by Markel International Ltd. and/or its subsidiaries/service companies for personal emails.
Markel International Ltd, http://www.Markelintl.Com
**************************************
_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
