Security Incidents mailing list archives
Re: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation
From: Russell Fulton <r.fulton () auckland ac nz>
Date: 03 Jan 2003 11:18:35 +1300
On Fri, 2003-01-03 at 07:25, Kevin Reardon wrote:
In the case where a road is not specifically signed to not trespass or properly gated, it is unknown to a reasonable man if this road is a government run road or private, thus a person may trespass without knowledge but would be innocent of the crime.
Personally I think this is the best analogy given so far. What it means is that unless there is some form of access control then you are may assume it is public highway. The issue of intent is also important (but as our ex police friend pointed out very difficult to prove -- hmmm.. is a xmas or SYN+FIN packet the cyber equivalent of a jemmy?). My rule of thumb is if the service is publicly access then they may be accessed so long as you don't do anything that might cause damage or breach privacy. I.e. putting your head in the door and hollering "Any one home" is OK, rummaging through the office filing cabine looking for phone number of the owners insurance company so you can warn them isn't! (it breaches the owners privacy). With SNMP grabbing the machine make and type might be justifiable but this should not extent to someone walking the complete SNMP MIB. The corollary is that if you leave services open with no access control expect people to look around. Cheers, Russell. -- Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand "It aint necessarily so" - Gershwin ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Gary Flynn (Jan 02)
- RE: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Jan 02)
- RE: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Christopher X. Candreva (Jan 02)
- Re: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Kevin Reardon (Jan 02)
- Re: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Russell Fulton (Jan 02)
- RE: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Jan 02)