Notifying the infected?
in [Firewalls]
|
From: Ansgar -59cobalt- Wiechers on 20 Jan 2010 07:03 D. Stussy <spam+newsgroups(a)bde-arc.ampr.org> wrote: > "Ansgar -59cobalt- Wiechers" <usenet-2010(a)planetcobalt.net> wrote: >> Davej <galt_57(a)hotmail.com> wrote: >>> So just what legitimate services would anyone be hoping to find at >>> some random node? >> >> Whatever service that random node is providing? This may come as a >> shock to you, but probing a host's ports really is the only way of >> discovering which service(s) that host provides. > > That doesn't mean that anyone has a right to scan for open ports on > some random machine; It most certainly does. You connected the machine to a public network, and - repeating myself - in any TCP/IP network probing ports is the only way of discovering what services a given host offers. > a prelude to exploits (including attempts). A portscan is not necessarily the prelude to an attack. And a portscan most certainly isn't an attack in itself. > Some places have laws against such action. Fortunately most places have legislators with at least half a brain and don't. cu 59cobalt -- "If a software developer ever believes a rootkit is a necessary part of their architecture they should go back and re-architect their solution." --Mark Russinovich
From: Davej on 20 Jan 2010 21:52 On Jan 18, 3:32 pm, Ansgar -59cobalt- Wiechers <usenet-2...(a)planetcobalt.net> wrote: > Davej <galt...(a)hotmail.com> wrote: > > On Jan 18, 1:27 pm, Ansgar -59cobalt- Wiechers wrote: > > >>http://en.wikipedia.org/wiki/Host_(network) > > > So just what legitimate services would anyone be hoping to find at > > some random node? > > Whatever service that random node is providing? This may come as a shock > to you, but probing a host's ports really is the only way of discovering > which service(s) that host provides. > > >http://en.wikipedia.org/wiki/Port_scan > > So? So, it is completely legal to conduct port scans, but -- why conduct port scans when you won't have permission to use the services that you may discover? Your argument seems to be that you can freely use any service that you can find, but can you perhaps cite some evidence for that?
From: Ansgar -59cobalt- Wiechers on 21 Jan 2010 06:18 Davej <galt_57(a)hotmail.com> wrote: > On Jan 18, 3:32�pm, Ansgar -59cobalt- Wiechers wrote: >> Davej <galt...(a)hotmail.com> wrote: >>> On Jan 18, 1:27�pm, Ansgar -59cobalt- Wiechers wrote: >>>> http://en.wikipedia.org/wiki/Host_(network) >> >>> So just what legitimate services would anyone be hoping to find at >>> some random node? >> >> Whatever service that random node is providing? This may come as a >> shock to you, but probing a host's ports really is the only way of >> discovering which service(s) that host provides. >> >>> http://en.wikipedia.org/wiki/Port_scan >> >> So? > > So, it is completely legal to conduct port scans, but -- why conduct > port scans when you won't have permission to use the services that you > may discover? Who says I don't? Besides, even if I don't, what exactly would that change about port scans still being perfectly legal? (which in turn renders your whole "notifying the infected" point moot) > Your argument seems to be that you can freely use any service that you > can find, but can you perhaps cite some evidence for that? You connected your server to a public network, so I'd suggest you cite some evidence that I am not allowed to use a service that you made publicly available. cu 59cobalt -- "If a software developer ever believes a rootkit is a necessary part of their architecture they should go back and re-architect their solution." --Mark Russinovich
From: Bit Twister on 21 Jan 2010 07:16 On 21 Jan 2010 11:18:19 GMT, Ansgar -59cobalt- Wiechers wrote: > You connected your server to a public network, so I'd suggest you cite > some evidence that I am not allowed to use a service that you made > publicly available. Not so, a private business has to have the port open for their employees to use. A poor analogy follows: Think about the Internet as a road. You cannot just stop at any building and enter it because it is on the road. Several states in the USA have gotten tired of your excuse being used by hackers. Any unauthorized access is criminal trespass. That means a ping is trespassing. Just one example: http://tlo2.tlc.state.tx.us/statutes/docs/PE/content/htm/pe.007.00.000033.00.htm Read 33.01. Definitions (1) "Access" then 33.02. Breach of Computer Security (a)
From: Ansgar -59cobalt- Wiechers on 21 Jan 2010 07:41
Bit Twister <BitTwister(a)mouse-potato.com> wrote: > On 21 Jan 2010 11:18:19 GMT, Ansgar -59cobalt- Wiechers wrote: >> You connected your server to a public network, so I'd suggest you >> cite some evidence that I am not allowed to use a service that you >> made publicly available. > > Not so, a private business has to have the port open for their > employees to use. That's what authentication is for. > A poor analogy follows: > Think about the Internet as a road. You cannot just stop at any > building and enter it because it is on the road. Your analogy is indeed very poor, because with TCP/IP any driver on that road can only distinguish between a building he can or cannot enter by actually trying if the door is locked (port closed), open but declared private (authentication required) or open to the public (any other case). > Several states in the USA have gotten tired of your excuse being used > by hackers. Any unauthorized access is criminal trespass. Several states in the USA seem to have very poor understanding of how the Internet and TCP/IP work. Answer me this question: how do you get authorization to use any service on the Internet (like, say, Google)? I don't recall ever having requested or being granted explicit permission to use their service. Also - speaking of Google - you just declared the business of every search engine existing to be illegal. If you don't understand why: take a look at how spiders work and then ask yourself how *they* get permission to do what they're doing. IOW you just requested nothing short of the Internet being shut down. > That means a ping is trespassing. Which is simply ridiculous. > Just one example: > http://tlo2.tlc.state.tx.us/statutes/docs/PE/content/htm/pe.007.00.000033.00.htm > Read 33.01. Definitions (1) "Access" > then 33.02. Breach of Computer Security (a) "If you have reached this page, the content you are seeking has been moved." Besides, according to your own logic, I just commited an act of criminal trespassing by accessing that page, since I never got express permission by its owner. cu 59cobalt -- "If a software developer ever believes a rootkit is a necessary part of their architecture they should go back and re-architect their solution." --Mark Russinovich |