Re: RPAT - Realtime Proxy Abuse Triangulation

From: Greg Barnes (greg@ins.com)
Date: 12/30/02

Next message: Greg Barnes: "Re: RPAT - Realtime Proxy Abuse Triangulation"

Previous message: Rob Shein: "RE: RPAT - Realtime Proxy Abuse Triangulation"
In reply to:(deleted message) Jay D. Dyson: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Next in thread: Jay D. Dyson: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 30 Dec 2002 13:06:35 -0600
From: Greg Barnes <greg@ins.com>
To: "Jay D. Dyson" <jdyson@treachery.net>

Hi Jay,

Comments inline...

Saturday, December 28, 2002, 12:51:09 AM, you wrote:
JDD> -----BEGIN PGP SIGNED MESSAGE-----
JDD> Hash: SHA1

JDD> On Fri, 27 Dec 2002, Stephen P. Berry wrote:

>> Funny that everyone seems to be hung up on the question of whether or
>> not reciprocal scans are -legal-. Howzabout this one: Even if scanning
>> spam relays is -legal-, is it ethical?

JDD> Such a practice strikes me as teleologically ethical[1]. A system

Technologically Ethical? Is that like 'technically
honest' but not honest by any other definition?

JDD> is being abused and we recipient systems are paying the canonical price
JDD> for it. And since we bear the cost of someone else's irresponsibility, we
JDD> have both the right and the responsibility to pick up the slack created by
JDD> the other party so that other systems do not receive the same net.abuse
JDD> ours have.

This would be true if you represented an extension of
law enforcement.

JDD> The only thing that would color such a practice as even remotely
JDD> unethical would be later utilization of such findings for the purpose of
JDD> further spamming or other nefarious conduct.

Who defines nefarious? The rule of law defines it.
And there are agencies established for the purpose
of enforcing the law. I can't believe this is even
a question here...

JDD> As a rule, when my systems are spammed via an open relay, I do
JDD> indeed perform open relay tests on the offending system to confirm that
JDD> the relayed spam is genuine or trivially spoofed[2]. With those findings,

So how does one justify any scanning beyond that
which is required to determine the source
of a problem in the course of one's day to day duties,
and furthermore with the end goal of notifying the
cognizant authority of the offense?

JDD> I file my reports with the cognizant admins and/or upstream providers so
JDD> that an end may be put to that nonsense.

All well and good, but again - to what end, the additional scanning?

JDD> - -Jay

JDD> 1. I don't subscribe to deontological ethics. Even when I was a lad I
JDD> never regarded "because I said so" as a valid rationale for anything.
JDD> 2. Old Sun Microsystems SMI 8.6 MTAs will accept any HELO statement and
JDD> not log the IP, which caused all manner of spammer mischief.

JDD> ( ( _______
JDD> )) )) .-"There's always time for a good cup of coffee."-. >====<--.
JDD> C|~~|C|~~| (>------ Jay D. Dyson - jdyson@treachery.net ------<) | = |-'
JDD> `--' `--' `How about a 10-day waiting period on YOUR rights?' `------'

JDD> -----BEGIN PGP SIGNATURE-----
JDD> Version: GnuPG v1.0.7 (TreacherOS)
JDD> Comment: See http://www.treachery.net/~jdyson/ for current keys.

JDD> iD8DBQE+DUniTqL/+mXtpucRApOlAKDFuMLEvKwX11Toknd0hSFxImXJ/gCeOl1a
JDD> Kmj84nr7KbWgxmjafsVZDm0=
JDD> =Y1yR
JDD> -----END PGP SIGNATURE-----

JDD> ----------------------------------------------------------------------------
JDD> This list is provided by the SecurityFocus ARIS analyzer service.
JDD> For more information on this free incident handling, management
JDD> and tracking system please see: http://aris.securityfocus.com

Regards,

Greg

PGP Fingerprint:
723E 7CAD 4EF5 D904 1EE8 5279 71A5 A594 E6A7 C48E

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Next message: Greg Barnes: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Previous message: Rob Shein: "RE: RPAT - Realtime Proxy Abuse Triangulation"
In reply to:(deleted message) Jay D. Dyson: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Next in thread: Jay D. Dyson: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: RPAT - Realtime Proxy Abuse Triangulation
... Teleological ethics holds that all ethical proscriptions arise from value ... > JDD> price for it. ... Law enforcement cannot do so without the blessing of the courts. ... > JDD> indeed perform open relay tests on the offending system to confirm ...
(Incidents)
Re: RPAT - Realtime Proxy Abuse Triangulation
... BTW - HUGE thanks for the clarification on ethics. ... JDD> teleological. ... JDD> Law enforcement cannot do so without the blessing of the courts. ... JDD> offending system. ...
(Incidents)