Attacking Back

From CastleCopsWiki

Caution

The article below is currently in beta and has not been reviewed for factual errors.

As a website that gets attacked by a DDoS (Denial of Service Attack), for example, the owners of the site that was DDoSed should not answer back with an attack of its own. Reason being the "attackers" are usually victims themselves, so a retaliation would cause more harm than good. Two wrongs do not make a right.

The use of DDoS to bring down websites involves a cost at the ISP level: bandwidth. Often attackers have hijacked many hosts, such as unpatched webservers or end-user PC on broadband connections, to facilitate in their attack. Some botnets can be composed of tens of thousands of infected hosts distributed amongst many hosts. Attacking the compromised boxes does no good, it merely adds more the bandwidth charges that ISPs must absorb after a high intensity DOS attack. Also, the attackers can move onto other hosts that they have compromised. The best approach to dealing with a DDoS is to have the attackers tracked down and prosecuted for criminal activity.