Researcher shows how to strike back at web assailants
A security researcher has disclosed details on more than a dozen previously unknown vulnerabilities that people responding to web-based attacks can exploit to strike back at online assailants.
The bugs reside in off-the-shelf crimeware kits that go by names such as Eleonore, Liberty, Neon, and Yes. Attackers install them on compromised websites to streamline the process of exploiting unpatched vulnerabilities on the PCs of people who visit them.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump