Is Retaliation the Answer To Cyber Attacks? 142
coondoggie writes "Should revenge assaults be just another security tool large IT shops use to counter cyber attacks? It's a controversial idea, and the law generally frowns on cyber attacks in general, but at the Black Hat DC conference last week, some speakers took up the issue of whether and how organizations should counterattack against adversaries clearly using attack tools to break into and subvert corporate data security."
Bad idea (Score:5, Funny)
Makes about as much sense as conducting panty raids on shoplifters.
Re: (Score:2)
self defense??
Self defense would imply that the retaliation would stop the attack. It fairly obviously wouldn't, because it doesn't incapacitate the attackers. No matter what you do to the attacker's computer, at worst he just has to format it and start over, and if the attacker isn't an idiot he has backups. Which means you bought maybe a couple hours before you're back to square one. Maybe a couple days or a week if you disable a botnet. But now now the attacker (who may very well be better at this than you and have le
Re: (Score:2)
So your solution is "Kill them"? There really is no such thing as secure anymore. Devices and software can be(and are) hacked within days of their release or implementation. Sufficiently secure? If someone wants in, you're fighting an uphill battle keeping them out.
You don't have to be faster than the bear, you only have to be faster than the whoever you're standing next to.
New idea. (Score:3, Insightful)
Re:New idea. (Score:4, Funny)
5. Profit!
Re: (Score:3, Insightful)
Depending on the nature of the attack, it might be easy to spoof. If A wants to attack C then all they need to do is attack B pretending the attack is coming from C, then sit back and enjoy the show :)
Re: (Score:3)
Exactly my thought; I don't want rogue corporate types or the government trying to figure out who's do the attacking and retaliating. They need to beef up their own security and use the current legal system to subvert "cyber attacks".
Plus, given how the US govt and probably US corporations wants to treat wikileaks as a terrorist org, I can imagine big corp/govt "retaliation" being a literal Trojan Horse [SWAT team!] instead of code.
Re:New idea. (Score:5, Insightful)
The impossibility of regulating the internet is what allows us the freedoms we at Slashdot love so much, but the price of this is that it's largely unpoliceable.
Re: (Score:2)
The impossibility of regulating the internet is what allows us the freedoms we at Slashdot love so much, but the price of this is that it's largely unpoliceable.
And I regard the price as acceptable so far. We take a few knocks and we keep on going. I'd rather that than lock ourselves in some little cell of monitored and controlled connections for the sake of supposed protection. A prison will protect you from a lot of the dangers of outside life, but you still don't want to make your life a prison.
Re: (Score:2)
Have you ever _tried_ to get a warrant against a script kiddie? The last time I tried, the police and the ISP from where the script kiddie was acting both passed it along to FBI, who did _nothing_. Actually getting a prosecution basically involves educating them in how things work, even wuth the much vaunted FBI computer crime teams.
Re: (Score:2)
The world would be a better place... (Score:5, Insightful)
...if we stopped calling exploitation attempts "attacks." It's trickery; it's spying; it's occasionally even -- and this is stretching the word a little -- sabotage (in the case of DoS). But "attacks?" It makes it sound like some kind of assault that one can somehow "get even" for. The metaphor is all wrong.
Re: (Score:2)
Yeah a counter attack only makes sense if you can stop future attacks. A legal attack may put the guy in jail. But DOSing his home PC isn't going to accomplish anything for you so its a waste of effort.
Re:The world would be a better place... (Score:4, Insightful)
Only if they weren't "attacks". They often include theft, including theft of money and private information. They're often expensive to repair, They often break or impedes other computer services, and the most common forms of them are for illegal activity (such as spam running DDOS attachs). Or have you failed to look at what botnets are and how they are run?
Because such attacks far outnumer mere "exploitation attempts", and because even a mere "exploitation attempt" involves theft of computer resources or private data, yes, it's reasonable to call them "attacks".
Re:The world would be a better place... (Score:5, Insightful)
Only if they weren't "attacks". They often include theft, including theft of money and private information. They're often expensive to repair, They often break or impedes other computer services, and the most common forms of them are for illegal activity (such as spam running DDOS attachs). Or have you failed to look at what botnets are and how they are run?
Because such attacks far outnumer mere "exploitation attempts", and because even a mere "exploitation attempt" involves theft of computer resources or private data, yes, it's reasonable to call them "attacks".
If you leave your car unattended and some asshat criminal steals it, would you say he attacked you, or would you say he has stolen from you?
If you leave your ATM card in the ATM and some asshat criminal drains all the money from your account, would you say he attacked you or would you say he committed fraud and/or larceny?
If you leave a candy bar at your desk and an asshat coworker swipes it and eats it without asking you if he may have it, would you say he attacked you or would you say he swiped your candy bar?
If all of the above are attacks then what do you call it when one person physically assaults another person? We used to have a neat solution for the problem of making this distinction, in the form of specific words like "attack" that have a specific meaning. Sure, we can reject that and blur all distinctions so we can sensationalize and play up the hyperbole of comparing everything to violent assault, and justify it by saying "it's a LIVING language", but have you thought this through? Is using the correct word such an unreasonable burden, is supporting this kind of sensationalism so desirable, that it's worth introducing artificial ambiguity? I for one don't believe so.
Re:The world would be a better place... (Score:4, Informative)
If all of the above are attacks then what do you call it when one person physically assaults another person?
Battery [wikimedia.org].
Re: (Score:2)
If you leave your car unattended and some asshat criminal steals it, would you say he attacked you, or would you say he has stolen from you?
If you leave your ATM card in the ATM and some asshat criminal drains all the money from your account, would you say he attacked you or would you say he committed fraud and/or larceny?
If you leave a candy bar at your desk and an asshat coworker swipes it and eats it without asking you if he may have it, would you say he attacked you or would you say he swiped your candy bar?
If you leave your car unlocked and someone takes the opportunity to change the locks on your car so they can steal it again any day they like (while still letting you drive it--somehow), that's an attack. Doubly so if they use your car to perform illegal activities, then return it before you notice.
Same if you leave your ATM card somewhere, and they not only siphon cash, but do social engineering attacks to get the bank to disclose details that will, for instance, let them obtain a credit card in your name
Re: (Score:2)
We used to have a neat solution for the problem of making this distinction, in the form of specific words like "attack" that have a specific meaning.
When was this mythical time?
Re: (Score:2)
The legal word you are looking for for threats against one's person or safety is "assault". The legal word for laying hands on someone else against their wil and without other justifiable cause is "battery". The word "attack" has _never_ had the kind of "purely physical attack" definition you claim. The ambiguity is in your limited definition of the world: I can see where that would be confusing.
Re: (Score:2)
I logged in to mark you as a friend for the comment about precise and accurate language, but then I saw that you're already on the list. :)
Re:The world would be a better place... (Score:4, Insightful)
...if we stopped calling exploitation attempts "attacks." It's trickery; it's spying; it's occasionally even -- and this is stretching the word a little -- sabotage (in the case of DoS). But "attacks?" It makes it sound like some kind of assault that one can somehow "get even" for. The metaphor is all wrong.
I disagree. The use of the word "attack" is perfectly suited. Espionage involves attacks. Politics involves attacks. You can attack a problem, attack a mountain (climbing in mind but that could imply more than one form of 'attack'), attack a movie you found worthy of strong criticism, or attack an idea. An attack is nothing more than an aggressive action who's implication is highly dependent on the situation and context of the use of the word.
The base problem is looking at this as warfare. In the context of war, an attack has very specific connotations. That form of attack and the concept of war lead us in to the wrong mind-set for the reality of the situation. This is where trickery, spying, and sabotage comes in. This is simply a new set of tools for espionage. And while this does open a new way of looking at things beyond the old Cold War era, namely actors that may not be directly associated with a State, a lot of the traditional concepts and general nature of the behavior apply well to the exploitation of this new environment and tool sets.
Re: (Score:2)
...if we stopped calling exploitation attempts "attacks." It's trickery; it's spying; it's occasionally even -- and this is stretching the word a little -- sabotage
When you have a thirst for blood, you are in no mood to argue the fine points of language. Call it trickery, spying, who the helll cares?
Re: (Score:3)
By reducing their effect with black hole strategies rather than retaliation, we reduce the c
What are you trying to achieve? (Score:5, Insightful)
Is the attack scenario one bad guy?
Then you should contact law enforcement. Also you should make sure your security set up is appropriate.
Is the attack scenario that you are an big company and people attack you because you are known?
Then you should make sure your security set up is appropriate. Attacking people is pointless because new ones will turn up all the time.
Re: (Score:3)
Is the attack scenario one bad guy?
Then you should contact law enforcement. Also you should make sure your security set up is appropriate.
Would you perform these steps in a physical attack? i.e. an imminent physical ass whooping?
Is the attack scenario that you are an big company and people attack you because you are known?
Are you a celebrity facing a crazy person?
Then you should make sure your security set up is appropriate.
Right. Buy a gun.
Attacking people is pointless because new ones will turn up all the time.
Not after they heard about the first one.
But seriously, isn't the right of self-defense a pretty basic one? Sure, if you have no confidence of success, don't persue this option. But if you do, take 'em out.
Re:What are you trying to achieve? (Score:5, Insightful)
I think the problem is that with a cyber attack, you don't know if the computer attacking you is the actual person, a proxy, and pwned box or what. In a physical attack, yeah, I say pick up a 2x4 and pop them in the head. In a cyber attack, it is pretty easy to attack the wrong target, maybe bogging up some routers along the way causing inconvenience to innocent bystanders as well. I personally would like to see mass spammers and other cyber criminals get a firing squad on public television, as a deterrent, but not sure going vigilante is the right answer.
Re: (Score:2)
this does bring up an interesting question in the whole debate about corporate personhood. Obviously corporations have a right to some sort of self-defense: protection from libel and slander, and protection from sabotage. And of course protecting their employees. (Despite anti-corporatist bias, most corporations really could do without someone waltzing into the secretarial pool and shooting up the place.) But what are the boundaries that corporations should have in exercising self-defense?
Re: (Score:2)
Re: (Score:3)
Really, the only scenario meriting retaliation for its own sake is the one in which both you and your opponent are script kiddies, because the Internet is really just one big e-peen contest.
Re:What are you trying to achieve? (Score:4, Insightful)
The question is more are you actually going to retaliate against the attacker or is it like "Let's send some rockets back into that city, because that's where they came from." Anyone launching an attack directly from their own computer is a total amateur, chances are great it'll be some unsuspecting third party's machines and networks that'll be your battle ground. And I very much doubt they care who started it, they're likely to go after everyone that's been hacking their systems when they first find out. If I go on vacation and find two gangs have trashed my apartment I'm not really going to care who started it.
Re: (Score:3)
Your analogy is you go on vacation and, in your absence, a gangwar erupted in your apartment? Then you come back and see the damage. Respond with "Alright motherfuckers, I dont give a shit who started it." Then presumably go on to kick some ass. Sounds pretty awesome.
Re: (Score:2)
I guess the issue is does the attacker need to meet the knowingly standard. Most attacks don't use spoofed address because from most places that is incredibly hard to make work. So typically the person running the attack will use a proxy or two and for DDOS like stuff a bot net. In general the machine the packets are coming from is an attacker, regardless of its owner's awareness.
I don't think its wrong to go blasting bot net nodes off the internet if they are causing you grief and you can identify them.
Infinite loop (Score:2, Insightful)
If (Cyberattack){
Cyberattack;
}
Nobody see the problem?
Re:Infinite loop (Score:5, Funny)
Nobody see the problem?
If (Cyberattack){
Cyberattack();
}
there was a parenthesis pair missing.
Re: (Score:1)
void CyberAttackInit(char *Target){
bool Attacked;
if (httpTraffic>1000){Attacked=TRUE;}
if (Attacked==TRUE){attackAllAttackers();}
}
I would guess that it would go from one attack or mistake to a deadlock in nanoseconds. It wouldn't end until somebody burned up or hit a bandwidth limit. One person could set off the entire internet in a single prompt critical. We should really create more situations like this that can be memorialized l
Re: (Score:1)
Re: (Score:2)
You went too far mate
Did I get act and think reversed again?
Re: (Score:2)
Sweet. So if the Cyberattack function exists, it must be called. An weapon unused is a useless weapon and all that.... On the other hand, such an argument tends to be an argument of the lazy (binding).
Re: (Score:2)
I might be the only one but the lazy binding joke made me laugh a lot !
thanx
Everyone probably already knows this here but (Score:2)
If they're caught, some countries will not only refrain from punishing you, but they'll even congratulate for siphoning money from foreign countries.
I don't think there is a solution unless we had a world government... In which case we have a lot bigger problems facing us.
Not sure about retaliation... (Score:4, Interesting)
Re: (Score:3)
I hope you included something which turned that off if it added more than a certain number of hosts in a short time.
otherwise it makes for an easy DOS, spoof packets and watch as your server blocks the whole net.
something which imposes a temporary block and can only block a limited number of IP's at a time would be good for preventing casual and script kiddie attacks though.
Re: (Score:2)
DenyHosts includes a PURGE_DENY option which allows you to specify how long blocks are kept for.
Spoofing shouldn't be an issue here. We're not talking about logging SYN packets but failed login attempts. An attacker can't perform those without being able to get packets back from the server and they can't do that if they are spoofing their address. Unless perhaps they are plugged into the same hub as the server but if that's the case you've likely got bigger problems to worry about.
my solution to this problem (Score:2)
2) Send an email to the abuse address on record.
3) Harden system some more.
4) Wait for some sort of response.
5) Publish the source IP, whatever response is received in the email response, and AS info (i.e. netblock) along with the details of the attack.
6) Block all future traffic from the AS.
Re: (Score:1)
6) Too crude, how will AS people know why they have been blocked if they are blocked? Blocking whole AS might kill somebody or sombodies!
Maybe:
5.3) Block only offending addresses only from attack target with expiration time.
5.4) Contact AS operators by other means if they don't respond to email.
5.5) Require AS operators to have SIP phones, live chat and a contact person/s, or some why to know your email hasn't gone into a black hole.
5.6) If addresses proceed to attack other target
Only if it works (Score:1)
No really. If it's after the fact, no... Cease fire when they do.
Almost a good idea (Score:2)
If everyone clicked the link in those "work from home" scams 100 times, or replied to every "your webmail account is about expire" email with bogus details then it would drown the enemy in useless information.
If you then take it a step further and have an automated system that clicks links a million times automatically and replies to the emails with bogus information a million times then it would be even better.
Until someone gets the idea to send out a "I made a billion $$$ working from home. Click http://w [kernel.org]
Functionally Insane (Score:5, Insightful)
The concept of revenge cyber attacks is functionally insane.
At least at the corporate level. Consider. A competitor's network appears to be attacking yours, so you attack back and get into their networks. Only it turns out that someone hacked the competitor, and it was no fault of the competitor at all. The counter attacking corporation's employees are now guilty of a felony, and presumably were directed to do so by a senior manager. The following actions are available to your competitor:
1. Pressing the district attorney to prosecute the employees and management
2. Pressing the district attorney to prosecute the corporation (i.e. the corporate death penalty)
3. Suing all the criminal employees including all executives in the chain, either authorizing parties or cognizant parties
4. Suing the corporation
Given the criminal act with malice of forethought, the #4 option will be of practically unlimited liability. You can expect to be charged 100% of all attorney's fees, the actual cost of their security event including cleanup and all IT labor associated therewith, and an apportionment of their ongoing security operations fees. For #3, some jurisdictions do not permit bankruptcy out of civil liabilities originating from criminal acts. No employee will be protected just because their bosses told them to do the act, as the act was a crime and is indefensible.
So, to be blunt: "dream on".
No sane Corporate Counsel will permit any company to do this.
C//
Re: (Score:1)
Sigh, bad summary and over-hyped news strikes again.
If you read the article, you will see that the actual Black Hat speakers do not suggest a revenge cyber attack. And the article itself, doesn't actually talk about using real cyber attacks.
They talk about stuff like using "tarpits" to get exploit tools and botnets stuck in loops to slow them down (like CAPTCHAs or locking out login attempts), feeding fake information to cyber attackers (like honeypots).
Of course, the article uses wording that implies an a
Re: (Score:2)
There's an even worse scenario, in that spoofing could allow an attacker to fake being a different origin. For bonus points, launch a nonsense attack that ties up your biggest competitors in an information/legal war...
I think everyone who has ever done information security from the defence side has had this thought cross their head. Like "Why don't we write a virus that patches Windows?", it turns up every now and then. It's very very illegal (can you imagine trying to persuade the US & China to provide
Re: (Score:2)
One of the other posters responded that TFA was of course really not about revenge attacks, but more about tying up the attackers in mire. I really support that. For example, look up the La Brea honey pot. It's a digital tarpit for autonomous malware. It's pretty cool, and completely legal.
C//
Re: (Score:2)
Until you as a manager discover you have one or more subordinates who either 1) don't like you personally, or 2) don't like doing illegal things. Decision maker: meet the prison system.
There are 3 classes of people who "get away with i
This sounds like an unbelievably terrible plan.... (Score:3)
This does approximately jack shit against gangs operating offshore in who-knows-where controlling botnets of enslaved Joe User XP home boxes; but it is the state of the law. Now, let's think about this for a second: Any "cyber-counterattack", unless unbelievably flawless, is probably going to have some amount of collateral damage: ISPs getting parts of their networks DDOSed, innocent-if-clueless home users getting their botnetted boxes taken down, etc. Even the direct damage will be illegal(though criminal gangs probably won't press charges); but the collateral damage will, in not a few cases, fall directly on people and businesses, in western jurisdictions, who had nothing to do with the original attack(other than, perhaps, not updating their AV often enough).
Now, when it comes to light that Foocorp LLC, a division of Deeppockets Industries, and their officers and employees have been guilty of numerous violations of federal cybercrime violations, most felonies, and a variety of civilly actionable property damage, where do you think the lawyers are going to go looking for blood? Yuri Shadymov and John Does 1-N, the mysterious perpetrators of the attack on Foocorp, or the conveniently-located-right-at-home Deeppockets Industries?
There would be a nonzero risk(and they would deserve every bit of it) that Deeppockets industries could find itself up to its eyeballs in civil suits, and the Foocorp IT team and every exec who knew of and authorized their actions could be looking at serious fines and some quality time in FPMITA...
Re: (Score:2)
Worse, it's pretty easy to pin an obvious or even not-so-obvious cyberattack on someone else. If vigilante "cyber justice" is acceptable, then an efficient way of performing your cyber attack is simply to attack a third-party target and make it look like your real target did it.
There's a reason vigilante justice isn't acceptable.
Re: (Score:2)
In physical terms, you have states like Texas, where shooting trespassers is largely legal, and states like Massachusetts where you pretty much have to have run out of other options before you can use lethal force in self defense. When it comes to electronic attacks, everybody already enjoys greater-than-Texas level of self-defense capability. I can tell my routers and switch
Re: (Score:2)
Wrong.
Re: (Score:2)
Re: (Score:2)
I'd say the law is fairly reasonable. In any case it clearly does not permit the use of deadly force against a mere trespasser.
Re: (Score:2)
I don't know about Texas, but in Florida, your legal right to shoot (or otherwise use lethal force) against anyone on your property is fairly broad.
Re: (Score:2)
There is nowhere in the USA where use of deadly force against a mere trespasser is legal.
Re: (Score:2)
They need to forcibly enter your home or occupied vehicle (rather than just being on your property). Otherwise, Florida's castle doctrine does exactly that.
Re: (Score:2)
That "pinning" is standard operating procedure, it's rare for an attack to be traceable to a real guilty party.
Re: (Score:2)
Naturally, although many cyber attacks right now are done through botnets or are made to look as if they were done by an anonymous, meaningless entity, rather than intentionally placing evidence that leads you to believe it's from a particular third party.
The short version is that vigilante justice is particularly bad for cyber attacks because attribution is particularly difficult.
Is Retaliation the Answer To Cyber Attacks? (Score:2)
Re: (Score:1)
Collateral damage (Score:2)
Re: (Score:2)
Trying to find the six-fingered hacker (Score:2)
"Hello, my name is Inigo Montoya. You hacked my computer. Prepare to die."
misleading summary, stupid article (Score:1)
So, the summary is misleading.
The actual article (starts out) talking about using vulnerabilities in botnets and "attack" tools, and an idea called a "tarpit" that would attempt to tie up resources on botnets and "attack" tools.
Not much of a new idea, as people are already doing things like this: Locking out login attempts, delaying login, or CAPTCHAs are a simple example of "tarpits". Reverse engineering malicious programs is already being done. Honeypots, etc.
"Revenge assault" seems to be strong wordin
Re:tarpits (Score:2)
Good that you point out that the /. article is misleading.
But you are wrong in naming defensive measures that enhance login security "tarpits".
If I recall right "tarpits" work by tying up resources at the attacking computer.
See here for an actual implementation:
http://www.wilderssecurity.com/showthread.php?t=16674 [wilderssecurity.com]
Eye for an eye (Score:2)
Absolutely. (Score:2)
Just like if you get up in the morning to find that your window is broken, the BEST response is to pick up a shotgun and go kick in your neighbour's front door.
Remember, your first impulse is always right and you can never, EVER misunderstand any situation.
How do you identify the attacker? (Score:1)
Re: (Score:2)
> It is mostly unknown who is controlling the botnets behind DoS attacks.
Yes, but would it be wrong to cripple the bots if that would stop the attack?
Prisoners Dilemma (Score:2)
Re: (Score:2)
Not really applicable in this case. Prisoners Dilemma applies to two or more players and a symmetrical outcome matrix. Law enforcement vs suspects is rarely symmetrical.
Re: (Score:2)
How is this the Prisoner's Dilemma?
Wrong order of events. (Score:2)
Is Retaliation the Answer To Cyber Attacks? (Score:2)
No.
Better to strike first. Mind, good enough so _they_ can't retalliate.
Whoever 'they' are ...
Vigilante Justice (Score:1)
Well, victims "should" leave retaliation to law enforcement. But when there is no answer to the question, "What law enforcement?" victims "will" retaliate whether they "should" or not.
Attack who? (Score:1)
Remember MAD (Mutually Assured Destruction)? (Score:1)
No (Score:1)
Hell no. (Score:2)
In a working state, the power to punish by act seen as criminal is exerted by the police and the courts. If "the strong" can "retaliate" against the weak, the we call that anarchy.
If Amazon want they can take offline everybody who is hosting wikileaks and every imageboard which used the word "anonymous" on the planet by dedicating 10% of their computational/network power to "retaliate". If google would like to "retaliate" against somebody, they could take a medium-sized country offline and render it inopera
Andy Capp (Score:2)
Cyber self-defense (Score:2)
The analogy goes like this. I was being attacked so I whacked him to may him stop. The corporate equivalent is, My network and computer systems were being attacked to whacked the attacker to make him stop.
What if you "retaliate" against the wrong target? (Score:2)
Re: (Score:2)
Re: (Score:1)
No, retaliation comes *after* the attack. The attack comes first.
Which is exactly the problem; by the time you retaliate you've already taken damage. Do unto others BEFORE they do it to you.
Seven Habits of Highly Effective Pirates (Score:2)
Rule #13: Do unto others.
Re: (Score:2)
Re: (Score:2)
From a purely Machiavellian perspective, if you throw the first punch and they're still able to hit back, then you deserve to get hit.
Re: (Score:2)
Unless it is "Anticipatory Retaliation"...
Re: (Score:2)
I believe the political term is "preemptive strike".
Just like "shock and awe" is the new political term for "blitzkrieg".
Re: (Score:2)
Maybe that's next after Stuxnet. Program target IP, launch, fire, forget.
You are more likely to die as a result of a gun if you carry one yourself [newscientist.com]. I can't find the study, but you are also more likely to end up being shot by your own gun than you are to ever shoot a bad guy with it (which makes sense - we hear of accidental self shootings all the time and most people who own a gun never actually use it in self defence).
If those statistics even roughly translated to IP address seeking missiles then we are going to have a problem.
BTW, I think there is a problem with my server. Ca
Re: (Score:2)
Risk is a game of essentially perfect information(as
Re: (Score:2)
Crippling the bots might achieve my immediate goal: bringing an end to your attack. If you are firing stolen missiles at me am I wrong to shoot them down?
Re: (Score:3)
That's the problem: there is basically no such thing as a pure weapon on the internet. Most "stolen missiles" are simultaneously poorly secured home or business computers that have never left the ownership(and, in general, since the botnet guys don't want their hosts getting wiped) are still being actively used by their owners for wh
Re: (Score:2)
There are no airliners and no passengers and no deaths: just the temporary shutting down of some pcs. The owners of those pcs may not know that they are being used to attack you, but they still are. I think a case can be made for your right to disable a weapon in the hand of your attacker even if it is not the attacker's property.
Another strained analogy. An enemy of yours is able to trick you neighbor's fancy automated lawn sprinkler into hosing down the front door of your business, driving off your cus
Re: (Score:2)
The problem is that it's easy to make a computer invulnerable, even if it stays on a static IP. Then you don't have to fear retaliation.