Security Incidents mailing list archives
Re: Korea (was Re:?)
From: stephen_winson () SNC-INC COM (Winson, Stephen)
Date: Mon, 31 Jan 2000 15:51:08 -0600
Definitely an ethical question. If there is no legal notice at login then you can literally do anything you want to the machine and you are free and clear. If you do find yourself being given free access to someone's system in that manner accidentally or intentionally and you're a jerk and use the situation to your own advantage, then I sure wouldn't hire you, and no one I know would either. If you take the opportunity to inform the person who adminsiters the machine that they have a gaping hole in their machine, I really don't see the ethical dillema. It should be an expectation, IMHO. I thought the whole idea everyone was supposed to be more secure, not just you and your world. Stephen Winson -----Original Message----- From: JJ Gray [mailto:nexus () PATROL I-WAY CO UK] Sent: Friday, January 28, 2000 5:17 AM To: INCIDENTS () SECURITYFOCUS COM Subject: Re: Korea (was RE: ?) Hi folks, Hmmm, might possibly be an ethical question but it's not really a legal one - if you are dropped straight to a prompt with no terms and conditions of use, statements of authorised users only and the like then the chances of legal action would be almost non-existant IMHO. I don't see how connecting to an internet visible computer & port is illegal in itself and the comment on condoning cracking is a little harsh don't you think ? Extrapolating that argument would result in connecting to a web server on port 80 being regarded as cracking ???? Where do you draw the line ? I regularly see in my firewall logs that various mailservers, DNS servers and the like are pinging me - is this scanning ? Is this legal ? *shrug* I decide what I consider benign or aggressive behaviour on percieved intent, not specific action. Just my two penneth ;-) Regards, JJ Sed quis custodiet ipsos custodes ? ----- Original Message ----- From: Brooke, O'Neil <o'neil.brooke () LMCO COM> To: <INCIDENTS () SECURITYFOCUS COM> Sent: Thursday, January 27, 2000 11:40 PM Subject: Re: Korea (was RE: ?)
Well, while you're there, why don't you poke around and see if you can
find
out who ownz that box? Could be useful to know that... RGF Robert G. Ferrell Internet Technologist National Business Center, US DoI Robert_G_Ferrell () nbc govThis is not a very ethical statement. Especially when you consider the email address you have used to send this message. Does the National Business Center condone 'cracking', when it is useful?
Current thread:
- Re: Korea (was Re:?) Winson, Stephen (Jan 31)
- Re: Korea (was Re:?) Jose Nazario (Feb 01)
- <Possible follow-ups>
- Re: Korea (was Re:?) Winson, Stephen (Feb 02)
- Re: Korea (was Re:?) HyunCheol, Jeong (Feb 13)