Chapter 12 - When the Tables Turn: Passive Strike-Back

Abstract

This chapter discusses the obstacles that could possibly be placed in the path at various phases of an attack to slow down or even cripple the attacker's tools. Obstacles should only affect the attacker, and never an innocent bystander; the concept has been labeled “Passive Strike-Back”. Until now, network security defenses have largely been about building walls and fences around the perimeter of the network. With this passive approach to security, the attacker has the prerogative to strike at will, attacking when and where he chooses. Even if the attack fails, the victim carries a high cost in terms of the technology, the bandwidth, the time, and other resources that are required to keep the attacker out. The attacker carries almost no costs and, using various tools and automation techniques, can continue trying until he/she finds a kink in the armor and finally achieves success. Therefore, this passive-defensive approach to security on the Internet ultimately advantages the attacker. By making an attack on our network costly and even dangerous, we can force the attacker to proceed cautiously and carefully consider his/her every move. “Passive Strike-Back” explores techniques and tools that can be used to turn the tables on prospective attackers by using Camouflage, Disinformation, Misdirection, Obfuscation, and Proportional Response.