Opening fake ports that, when scanned, trigger an alert or slow down the attacker's scanning tools (tarpitting).
Despite its visionary status, Offensive Countermeasures is not without its shortcomings. The 2013 version is considered "light on substance and more of a cursory look at active defense" by the Cybersecurity Canon review, and its legal overview is now "dated". Many practical examples, such as those involving Java applets, are obsolete. However, its true legacy is successfully shifting the conversation from passive defense to proactive engagement, inspiring a generation of security professionals to think like their adversaries.
Tarpits purposely respond to network requests slowly. A script-driven attacker scanning a network with a tarpit will find their connection held open indefinitely, exhausting their system resources and stalling their attack campaign.
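A decoy listener that combines the two behaviours described above (alert when the fake port is touched, then hold the connection open with slow responses), as an added example that is not taken from the book or the original page. The `Tarpit` class, the `demo` loopback client and the delay and client-cap values are assumptions chosen for illustration.

```python
import asyncio
import logging
import random
import time

log = logging.getLogger("tarpit")

class Tarpit:
    """Decoy TCP service: alert on every connection, then answer very slowly."""
    def __init__(self, delay=10.0, max_clients=256):
        self.delay = delay              # seconds between drip writes
        self.max_clients = max_clients  # cap so held clients cannot exhaust us
        self.active = 0
        self.alerts = []                # (unix_time, peer_ip, peer_port)

    async def handle(self, reader, writer):
        ip, port = writer.get_extra_info("peername")[:2]
        self.alerts.append((time.time(), ip, port))
        log.warning("decoy port touched by %s:%s", ip, port)
        if self.active >= self.max_clients:
            writer.close()              # still alerted, just not held
            return
        self.active += 1
        try:
            while True:                 # never send a complete response
                await asyncio.sleep(self.delay)
                writer.write(b"%x\r\n" % random.getrandbits(32))
                await writer.drain()
        except OSError:
            pass                        # client gave up and reset the socket
        finally:
            self.active -= 1
            writer.close()

async def demo(hold=0.5, delay=0.1):
    """Constructed loopback client: returns (alerts, bytes read, seconds held)."""
    pit = Tarpit(delay=delay)
    server = await asyncio.start_server(pit.handle, "127.0.0.1", 0)
    port = server.sockets[0].getsockname()[1]
    reader, writer = await asyncio.open_connection("127.0.0.1", port)
    start, got = time.monotonic(), 0
    while time.monotonic() - start < hold:
        got += len(await reader.read(64))   # each read waits for the next drip
    writer.close()
    server.close()
    return len(pit.alerts), got, time.monotonic() - start

def run_demo(hold=0.5, delay=0.1):
    return asyncio.run(demo(hold, delay))
```

The client cap matters as much as the delay: every held connection also costs the defender a socket, so the listener alerts on all contacts but only holds a bounded number of them.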
Published in 2013 and authored by a team of industry veterans including John Strand, Paul Asadoorian, Benjamin Donnelly, Bryce Galbraith, and Ethan Robish, this book was written for information security professionals who are "tired of playing catch-up with hackers". As the title suggests, it advocates for a fundamental change in mindset. Rather than waiting to be attacked and then responding, organizations are encouraged to take the fight to their adversaries.