Re: Reporting Hackers
From: Patrick J. LoPresti (patl_at_users.sourceforge.net)
Date: 01/21/05
- Next message: Frustrated: "Re: Hosts file/NAV cannot repair"
- Previous message: Not a real man of genius: "Services snap in & Security"
- In reply to: N. Miller: "Re: Reporting Hackers"
- Next in thread: Alun Jones [MSFT]: "Re: Reporting Hackers"
- Reply: Alun Jones [MSFT]: "Re: Reporting Hackers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 20 Jan 2005 18:44:24 -0500
N. Miller <anonymous@discussions.microsoft.com> writes:
> In article <s5g4qhcgmwk.fsf@patl=users.sf.net>, Patrick J. LoPresti says...
>
> > It's more like walking down a residential street checking every door
> > to see which are unlocked. I consider that trespassing, and I would
> > call the police.
>
> It is only trespassing if the property is properly posted. In most
> cases, you can't be considered trespassing until the property owner
> explicitly tells you to leave, and you don't leave.
Whatever. If I saw someone checking every door on every house on the
street, I would call the police. I take it you would ignore him? If
so, I am glad we are not neighbors.
> This is a major problem with trying to throw analogies to port
> scanning. A person scanning my ports is not at all like a person
> standing on my property and rattling my doorknob.
Standing on your property is not the problem. Rattling your doorknob
(and every other doorknob in the vicinity) is the problem. I do not
consider this innocuous behavior.
> On the public side of my router, on the leg from the last hop in to
> my router, he is on SBC property; and, SBC is somewhat like a mall;
> not exactly public property, but with an implicit invitation to
> public access. Until that permission is revoked by the mall
> owner/SBC.
Again, whatever. If all the doorknobs happen to be reachable from
public land, that changes nothing.
No analogy is perfect, of course. I think mine is fairly apt. You
may think differently. But (again) thankfully, it does not matter
what you think. Essentially every ISP has an Acceptable Use Policy
prohibiting unauthorized port scans. You agreed to that policy when
you acquired your service, so performing an unauthorized port scan
would make you a liar at best.
Just to take a few AUPs at random:
PacBell (http://public.pacbell.net/dedicated/aup_ded.html), which
appears to be your ISP, prohibits "...any attempt to probe, scan, or
test the vulnerability of a system or network ... without express
authorization of the owner of the system or network".
Hanson Information Systems, which appears to be Phillip's ISP, is a
rinky-dink operation with no on-line AUP that I can find. (But I bet
they have one on paper when you sign up.) SAVVIS
(http://www.savvis.net/customer/aup.html), which is the service
provider for Hanson itself, prohibits "port and network scanning".
Comcast (http://www.comcast.net/terms/use.jsp) says "Unauthorized port
scanning, for any reason, is strictly prohibited."
And so on.
I admit it, I report port scans mostly because I take unhealthy
pleasure from the idea of script kiddies suffering. But even if I did
not enjoy it so much, it would be the right thing to do.
- Pat
P.S. This is my last post on this thread unless someone comes within
spotting distance of a valid point. Millions of specious arguments,
so little time...
- Next message: Frustrated: "Re: Hosts file/NAV cannot repair"
- Previous message: Not a real man of genius: "Services snap in & Security"
- In reply to: N. Miller: "Re: Reporting Hackers"
- Next in thread: Alun Jones [MSFT]: "Re: Reporting Hackers"
- Reply: Alun Jones [MSFT]: "Re: Reporting Hackers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
