Notifying the infected?
in [Firewalls]
|
From: Skywise on 21 Jan 2010 23:13 Bit Twister <BitTwister(a)mouse-potato.com> wrote in news:slrnhlghc9.56v.BitTwister(a)wb.home.test: > Several states in the USA have gotten tired of your excuse being used > by hackers. Any unauthorized access is criminal trespass. > That means a ping is trespassing. Well, then they better star pressing charges. I hope they have the court resources to prosecute a couple billion people. Brian -- http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html Sed quis custodiet ipsos Custodes?
From: Ansgar -59cobalt- Wiechers on 22 Jan 2010 03:28
D. Stussy <spam+newsgroups(a)bde-arc.ampr.org> wrote: > "Ansgar -59cobalt- Wiechers" <usenet-2010(a)planetcobalt.net> wrote: >> D. Stussy <spam+newsgroups(a)bde-arc.ampr.org> wrote: >>> There are laws against spamming. There are laws against >>> unauthorized access. >> >> I'm debating the "unauthorized" part when it comes to hosts on public >> networks. I already explained in another post why requiring explicit >> permission would ultimately break the Internet, so I'll simply refer >> you to that post. > > Using a specific, well-known service that is meant for public access > isn't going to fit with "unauthorized" (at least at first glance). On second glance: even if the port is well-known, it still doesn't say anything at all about whether the owner of the server made that service accessible on purpose. Back to square one. Unless we can assume implicit consent of the owner (he willingly put the server on a public network after all). In which case I fail to see why this shouldn't apply to all ports. > Scanning a site for nonstandard features and those not meant for > public consumption is, especially when followed with an exploit > attack. I'm talking about accessing/using a service. Attacking someone is already covered by other (criminal) laws. It's the same difference as talking to a random person and beating that random person up. >>>>>> A portscan is not necessarily the prelude to an attack. And a >>>>>> portscan most certainly isn't an attack in itself. >>>>> >>>>> More often than not, it is. >>>> >>>> You have some figures to support that opinion, I suppose? >> >> Apparently not. I thought so. > > I don't see where I have the burden of proof. You went first, so you > need to demonstrate your assertion. cobalt(a)iridium:~ $ nmap -sT -P0 74.125.43.103 Starting Nmap 4.62 ( http://nmap.org ) at 2010-01-22 09:16 CET Interesting ports on bw-in-f103.1e100.net (74.125.43.103): Not shown: 1712 filtered ports PORT STATE SERVICE 80/tcp open http 113/tcp closed auth 443/tcp open https Nmap done: 1 IP address (1 host up) scanned in 14.084 seconds cobalt(a)iridium:~ $ _ No exploit/attack intended. Your turn. [...] >>>>>>> Some places have laws against such action. >>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >>>>>> Fortunately most places have legislators with at least half a >>>>>> brain and don't. >>>>> >>>>> ...And don't what? >>>> >>>> Read again. >>> >>> Answer the question. You have a hanging auxillary verb. >> >> You lack reading comprehension. The answer to your question lies in >> the part I underlined. > > If by that you meant that "don't have laws", the CORRECT English would > be: > > "...half a brain; some don't." Ummm... no. I wrote "... half a brain and don't [have laws against such action]", leaving out the part in square brackets as a figure of speech (this is called "ellipsis"; look it up). > Learn to write PROPERLY before accusing your reader(s) of > misunderstanding. English isn't my first language, so I'm prone to make a mistake every once in a while (although in this case I don't believe I did). What's your excuse? cu 59cobalt -- "If a software developer ever believes a rootkit is a necessary part of their architecture they should go back and re-architect their solution." --Mark Russinovich |