Slashdot Mirror

← Back to Stories (view on slashdot.org)

Turning Attackers' Tools Against Them

Posted by kdawson on from the back-bearings dept.

Tasha26 writes "The BBC has an interesting Web security snippet from the SyScan 2010 security conference in Singapore. In a presentation, security researcher Laurent Oudot released details of bugs found in commonly used attack kits such as Neon, Eleonore, and Sniper. These loopholes could be exploited to get more information about the attackers, perhaps identifying them, stealing their tools and methods, or even following the trail back to their own computer."

4 of 75 comments (clear)

  1. Time for hacker bounty hunter! by maillemaker · · Score: 5, Interesting

    There should be bounties put on these folks spreading this shit.

    --
    A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
  2. But did he do "responsible disclosure"... by John+Hasler · · Score: 5, Funny

    ...or did he behave irresponsibly and publish the bugs without giving the vendors time to issue patches?

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  3. Low hanging fruit by retardpicnic · · Score: 5, Insightful

    Meh... Thae fact that there are errors and vulnerabilities in web based tools just means that they were written by programmers who largely don't have peer code review, which is why so many computer viruses never get to trigger or release paylod, the only working part of them is the infection mechanism. Perhaps these vulnerabilities would aid n catching a script kiddie who had downloaded a poorly programmed tool and was dumb enough to launch from his own computer. Nobody with brains would launch from "home", they would use bots, which means the police will be storming an old age home with grandparents still using windows 95. I do applaud looking at hacking tools though, I workd for a company that used a stripped down, harmless version of the sub7 trojan to deploy software and it was far superior to commercial deployment solutions at the time.

    --
    sig loading.......
  4. Re:In other news... by Gadget_Guy · · Score: 5, Insightful

    In other news, researchers learn that script kiddies tend not to be very good software developers.

    Surely the very definition of a script kiddie is someone who doesn't write hacking software, but uses software built by others.

    I think this shows that the hacking community can be a bit arrogant, and they think that hackers won't go after one of their own.