How do you become a Cyber Bounty Hunter?

From: C Ryll (carolynryll_at_hotmail.com)
Date: 11/07/03

  • Next message: Erik Birkholz: "RE: CEH and Intense School" 
    To: pen-test@securityfocus.com
Date: Thu, 06 Nov 2003 23:09:58 +0000

    After a discussion with some people regarding Microsoft's two posted
    bounties, I understand that cyber bounty hunters are actually available for
    hire by companies. I am curious what knowledge base, or experience, this
    type of independent position would require. Where would you obtain this form
    of security knowledge? Given that MAC and IP can both be spoofed, and that
    victim systems are often used to launch some attacks, how do you actually
    get back to the original source?

    Note that I am not talking about fundamental security knowledge (I.e., how
    to secure a system, or determining if/what was on the system), but how to
    trace back to the origin of the attack while knowing that the IP and MAC are
    most likely spoofed and/or attacks rerouted.

    Respectfully,
    Carolyn.

    _________________________________________________________________
    Frustrated with dial-up? Get high-speed for as low as $26.95.
    https://broadband.msn.com (Prices may vary by service area.)

    ---------------------------------------------------------------------------
    Network with over 10,000 of the brightest minds in information security
    at the largest, most highly-anticipated industry event of the year.
    Don't miss RSA Conference 2004! Choose from over 200 class sessions and
    see demos from more than 250 industry vendors. If your job touches
    security, you need to be here. Learn more or register at
    http://www.securityfocus.com/sponsor/RSA_pen-test_031023
    and use priority code SF4.
    ----------------------------------------------------------------------------

  • Next message: Erik Birkholz: "RE: CEH and Intense School"