Bugtraq mailing list archives
Re: Network Monitoring and Control (announcement)
From: cmetz () ministry-of-love inner net (Craig Metz)
Date: Thu, 30 Mar 1995 11:25:13 -0500
In message <Pine.3.89.9503310518.C96-0100000 () madhouse com>, you write:
packet file which can later be replayed through Watcher. Most importantly, Watcher allows the admin to CONTROL network users by instantly terminating any connection, setting up makeshift firewalls, or even TAKING OVER (hijacking) any connection.
Sounds ok if your charged with providing security for a corporate, government or military site, but in the case of pay commercial hosts this should be illiegal, if not downright immoral. How much privacy should I expect from a provider? I mean I am paying for services, and there was some limited agreement to services. I think you better put in a statement saying YOUR SESSION WILL BE WATCHED AND IF WE FEEL YOU'RE BEING POLITCALLY INCORRECT WE WILL TAKE OVER YOUR SESSION.
Am I the only one who feels this is an invasion of privacy?
Of course it isn't. You never had any privacy to begin with. If you aren't doing anything yourself to guarantee your own security and privacy, you neither have nor deserve any. This hard truth should be known to a few people on this list who deal with security every day -- you can't just expect people to hand it to you (well, you can, but there might as well be a bridge with it). While the America Online generation has been whining about Mr. Neuman's "advertisement" and invading their "privacy", some of us are thankful to have reviewable code to such a tool. When I talk to people who are responsible for keeping things secure, theory and papers don't cut it. I need to be able to whip out a real live program and SHOW them how vulnerable their systems are before they will even acknowledge the existence of a problem. You can whine about it all you want, but the crackers have had such tools for a good little while. It's about time some good come out of it -- enough people see that it's a problem to merit it getting solved (hint from previous discussion: this one ain't gonna be easy, folks). -Craig
Current thread:
- Network Monitoring and Control (announcement), (continued)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Re: Network Monitoring and Control (announcement) root (Mar 30)
- Re: Network Monitoring and Control (announcement) Christopher Samuel (Mar 31)
- Watcher page moved (and ObBug) Mike Neuman (Mar 31)
- Re: Watcher page moved (and ObBug) Tom Fitzgerald (Mar 31)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- SATAN Download Location Bill Bradley (Mar 30)
- Re: SATAN Download Location Robert A. Pickering Jr. (Mar 31)
- TCP Sequence Number Prediction (here it is!!) Mike Neuman (Mar 30)
- Re: Network Monitoring and Control (announcement) Eric (Mar 30)
- Re: Network Monitoring and Control (announcement) root (Mar 31)
- Re: Network Monitoring and Control (announcement) Craig Metz (Mar 30)
- Re: Watcher is invasion of privacy [was: Network Monitoring and Control (announcement)] Kayvan Sylvan (Mar 31)
- Re: Network Monitoring and Control (announcement) Marc Tamsky (Mar 31)