Say I "caught" a cracker...

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
User avatar
The_Anomaly
Forum Contributor
Posts: 196
Joined: Fri Aug 08, 2008 4:56 pm
Location: Tirana, Albania

Say I "caught" a cracker...

Post by The_Anomaly »

I'm looking at PHPIDS, which is beyond sweet, and I'm wondering what I could do if I recognize the attack, and log the IP address of the attacker. I mean, could I report it to the authorities? Or just ban his account, add cookies that wouldn't let him back, block his IP for a bit of time, and hope that something bad happens to him?

All I can think of is the IP address. But cant' anyone with even a free proxy get around that? Is there ANYTHING else we can do against crackers that attack? Or just try to fill every chink in our web applications' armor? Heck, out of sheer curiosity, what's the law regarding going all "virtual vigilante," and "counter-cracking?"
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Re: Say I "caught" a cracker...

Post by josh »

The_Anomaly wrote:what's the law regarding going all "virtual vigilante," and "counter-cracking?"
only a lawyer can answer that with certainty, for your situation in your local area with your local and countries laws

My best advice would be to worry about the security holes that let him in, and not so much worry about the individual or why they choose to do it. Don't retaliate, react
User avatar
The_Anomaly
Forum Contributor
Posts: 196
Joined: Fri Aug 08, 2008 4:56 pm
Location: Tirana, Albania

Re: Say I "caught" a cracker...

Post by The_Anomaly »

Yeah, if I were to do that, I'd most definitely consult a lawyer. However, as you said, the best option is probably to just to caulk all the holes--not run around trying to crack the crackers ;) I was only wondering, so I thought I'd ask here.
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Re: Say I "caught" a cracker...

Post by josh »

Yeah, when I used to do that stuff I got lazy and didn't coverup my IP once some guy found my email and was like wtf I was just like umm lol

most of the time theyre just some kid like me doing it for fun, with no bad intentions
Post Reply