Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Is this for real?

from [Stefano Zanero] Network Security [Permanent Link]
Subject: Re: Is this for real?
Date: Mon, 09 Apr 2007 18:38:16 +0200 
phil.johnson@mdp.com wrote:


http://www.dontsteal.net



For example, if someone used a rainbow table to get into your dummy
but WPA'ed router, and if you had this system set up, and if the
intruder logged to certain accounts (say yahoo mail, for instance),
*every* stored message is downloaded and a database created, for
identification purposes.  Same thing with other kinds of connections.


Firstly, it's a totally dumb system for INTRUDERS. At most it will work
against your careless neighbor or run-of-the-mill wardriver.

Secondly, it is probably illegal to do anything like that. Intercepting
communications of someone else, getting his passwords and his email, in
Italy would lead to prosecution under at least 3-4 different titles of
our penal code. IN PARTICULAR if you do it routinely against people who
mean you no harm (e.g. I sit down in a Starbucks, and pick up YOUR
wireless LAN instead of the shop's one... and you log all of my accounts ?!)

All in all, I think that this is almost as bad as "strike back
technology", and has almost the same stink of snake oil to it.

Stefano


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 
to learn more.
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  IDS/IPS evaluation (was Re: IDS Security Metris), Tremaine Lea
Next by Date:  RE: Is this for real?, Adam Graham
Previous by Thread:  Re: Re: Is this for real?, phil . johnson
Next by Thread:  RE: Is this for real?, Adam Graham
Indexes:  [Date] [Thread] [Top] [All Lists]