Re: Is this for real?
- From: Stefano Zanero <s.zanero@xxxxxxxxxxxxxxxx>
- Date: Mon, 09 Apr 2007 18:38:16 +0200
phil.johnson@xxxxxxx wrote:
http://www.dontsteal.net
For example, if someone used a rainbow table to get into your dummy
but WPA'ed router, and if you had this system set up, and if the
intruder logged to certain accounts (say yahoo mail, for instance),
*every* stored message is downloaded and a database created, for
identification purposes. Same thing with other kinds of connections.
Firstly, it's a totally dumb system for INTRUDERS. At most it will work
against your careless neighbor or run-of-the-mill wardriver.
Secondly, it is probably illegal to do anything like that. Intercepting
communications of someone else, getting his passwords and his email, in
Italy would lead to prosecution under at least 3-4 different titles of
our penal code. IN PARTICULAR if you do it routinely against people who
mean you no harm (e.g. I sit down in a Starbucks, and pick up YOUR
wireless LAN instead of the shop's one... and you log all of my accounts ?!)
All in all, I think that this is almost as bad as "strike back
technology", and has almost the same stink of snake oil to it.
Stefano
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Follow-Ups:
- Re: Is this for real?
- From: Matt D. Harris
- RE: Is this for real?
- From: Adam Graham
- Re: Is this for real?
- References:
- Re: Re: Is this for real?
- From: phil . johnson
- Re: Re: Is this for real?
- Prev by Date: IDS/IPS evaluation (was Re: IDS Security Metris)
- Next by Date: RE: Is this for real?
- Previous by thread: Re: Re: Is this for real?
- Next by thread: RE: Is this for real?
- Index(es):
Relevant Pages
|
