On 9/3/2011 11:22 AM, Kevin W. Wall wrote:
> On Fri, Sep 2, 2011 at 6:19 PM, Chris Schmidt <chrisisb...@gmail.com> wrote:
>> On Sep 2, 2011, at 10:44 AM, "Goertzel, Karen [USA]" 
>> <goertzel_ka...@bah.com> wrote:
>>> What we need is to start building software that can fight back. Then we
>>> could become part of "cyber warfare" which is much sexier than "software
>>> assurance". :)
>> Simple. Owasp esapi + owasp appsensor + honeypot = win
> I'd still consider that defensive. If you want "cyber warfare" and are willing
> to go over to the dark side, you can define your own custom AppSensor response
> actions to act offensively. For instance, you could easily try to download
> malware to the attacker or mount a DoS attack against them.
>
> Personally, I don't recommend such escalation though, even if it is a
> tit-for-tat strategy. Reacting in that manner is likely to make you a
> criminal as well.
>
> -kevin
That may be, but there are ways to fight back without breaking the law.
Hence the honeypot: let the attacker exploit the hell out of a system
that does absolutely nothing, track all of his movements and gather as
much intel about them as possible - then, provided you have good audit
logging, you have more information than you can handle about the attack
to forward on to the feds for appropriate vanning. Granted, this is
making some pretty hefty assumptions about the state of the app in
question, the skill of the attacker, and the vanning abilities of the
men in black, but it is far more sexy than purely writing defensive code
alone.
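As an added illustration of the defensive "custom AppSensor response action" idea discussed above (example code written for this page, not code from OWASP ESAPI or AppSensor): a minimal per-user detection tracker that escalates from plain audit logging to account lockout and finally to diverting the session to a honeypot handler, writing a structured audit record for every event so the evidence trail the reply relies on actually exists. Detection point names, the thresholds, and the `Tracker`, `record` and `route` names are constructed for this example.

```python
"""Minimal AppSensor-style detection and response tracker (added example).

Every suspicious event a user triggers is appended to an in-memory list and
written to an audit log as one JSON line. The response escalates with the
per-user count: log only, then lock the account, then divert the user's
requests to a honeypot handler that serves a harmless canned response.
"""
from collections import defaultdict
from dataclasses import dataclass, field
import json
import time

# Escalation ladder (constructed for this example, not AppSensor defaults):
# (event count at which the action starts, action name). Later entries win.
THRESHOLDS = [(3, "log"), (5, "lockout"), (8, "divert_to_honeypot")]


@dataclass
class Tracker:
    events: dict = field(default_factory=lambda: defaultdict(list))
    audit: list = field(default_factory=list)   # JSON lines, one per event
    locked: set = field(default_factory=set)    # users whose account is locked
    diverted: set = field(default_factory=set)  # users now served by the honeypot

    def _response_for(self, count: int) -> str:
        """Pick the highest escalation step whose threshold the count reaches."""
        response = "none"
        for threshold, action in THRESHOLDS:
            if count >= threshold:
                response = action
        return response

    def record(self, user: str, detection_point: str, detail: str, now=None) -> str:
        """Register one suspicious event and return the response taken."""
        now = time.time() if now is None else now
        self.events[user].append((now, detection_point, detail))
        count = len(self.events[user])
        response = self._response_for(count)
        # Structured audit record: this is the evidence handed to investigators,
        # so it carries the full context of the event, not just a counter.
        entry = {"ts": now, "user": user, "detection_point": detection_point,
                 "detail": detail, "count": count, "response": response}
        self.audit.append(json.dumps(entry, sort_keys=True))
        if response == "lockout":
            self.locked.add(user)
        elif response == "divert_to_honeypot":
            self.diverted.add(user)
        return response

    def route(self, user: str, real_handler, honeypot_handler):
        """Return the handler that should serve this user's next request."""
        return honeypot_handler if user in self.diverted else real_handler


def real_handler(request: str) -> str:
    return f"real response to {request!r}"


def honeypot_handler(request: str) -> str:
    # The honeypot does nothing of value; it only keeps the attacker talking
    # and gives the audit log more to record.
    return "OK"


def demo() -> list:
    """Drive one user through the whole ladder on constructed input."""
    tracker = Tracker()
    # Constructed sample events: repeated input-validation failures on one id.
    for i in range(8):
        tracker.record("alice", "input_validation", f"bad account id #{i}", now=100.0 + i)
    handler = tracker.route("alice", real_handler, honeypot_handler)
    print(handler("GET /account?id=9999"))
    return tracker.audit


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Response decisions are based on the running count only; a production deployment would additionally expire old events (a sliding window) and persist the audit lines somewhere the attacker cannot reach.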
_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________