Re: "Don't panic"?
From: Kurtis D. Rader (kdrader@us.ibm.com)Date: 02/05/02
- Next message: Youri Podchosov: "Re: Anyone used Solaris Secure Shell, Sun's productized ssh for Solaris9?"
- Previous message: Nico Kadel-Garcia: "Re: Slow file transfer using SFTP"
- Maybe in reply to: Mike Iglesias: "Re: "Don't panic"?"
- Next in thread: Richard E. Silverman: "Re: "Don't panic"?"
- Reply: Richard E. Silverman: "Re: "Don't panic"?"
- Reply: Simon Matthews: "Re: "Don't panic"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: kdrader@us.ibm.com (Kurtis D. Rader) Date: 4 Feb 2002 18:42:06 -0800
Richard Silverman <res@des.jhy.us.ml.com> wrote in message news:<m1lk7u0ls31.fsf@sys1.des.jhy.us.ml.com>...
> What "abuse" would you have him report? He has a box connected to the
> Internet, with an SSH server accepting connections from anywhere. Someone
> connected to it, exchanged a few bytes according the SSH protocol, then
> disconnected. That's not abuse; it's what's supposed to happen.
If we were talking about my domicile it would be called "breaking and
entering" by local law enforcement. The individuals in question have
neither asked nor received permission (implicitly or explictly) to
enter my computer. The fact that I have a SSH server running for my
benefit does not constitute an invitation to these individuals to
utilize my computering resources. Would you consider it acceptable
behavior for me to try opening the doors of your house? What if you
left your front-door unlocked? Would it be okay for me to enter your
residence without your permission?
That is exactly what these individuals are attempting to do. The fact
that our legal and law enforcement systems are unable to prosecute
these criminals (yet) doesn't make their behavior any more acceptable.
Yes, it is my responsibility to take reasonable precautions against
the anti-social members of our society. Precautions that include
locking the entrances to my residence and securing my computer. But if
someone manages to pick the lock on my front door am I to blame for
not having installed a sufficiently strong lock? Why in the hell
should I have to live in fear that someone is going to access the
information on my computer or utilize it to damage others without my
consent or knowledge?
I've been in the information technology business in one capacity or
another (programmer, DBA, sysadmin, consultant, systems support
engineer, etc.) since 1978. I have no social life to speak of (I spend
most of my time working or taking care of my dogs). I read the source
code of applications like SSH for fun. Still, even I have strong
enough ties to the social fabric around me to realize that trying to
break into someone else's computer system is wrong.
- Next message: Youri Podchosov: "Re: Anyone used Solaris Secure Shell, Sun's productized ssh for Solaris9?"
- Previous message: Nico Kadel-Garcia: "Re: Slow file transfer using SFTP"
- Maybe in reply to: Mike Iglesias: "Re: "Don't panic"?"
- Next in thread: Richard E. Silverman: "Re: "Don't panic"?"
- Reply: Richard E. Silverman: "Re: "Don't panic"?"
- Reply: Simon Matthews: "Re: "Don't panic"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
