Security Incidents mailing list archives
Re: A question for the list...
From: Ray Stirbei <me () highentropy org>
Date: Mon, 26 May 2003 23:12:35 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Its close in that spamming is unethical, at least according to IAB/rfc1087. It is also illegal in some states (http://www.spamlaws.com/us.html) and there were some trials. I could be wrong, but I suspect striking back in the context of Tim's proposal and others on this thread meant disabling the attacking host directly. To me, spam RBLs are analogous to packet filters that drop traffic from specific hosts attempting to connect to your network. ray
I have isolate the item above since it contains the gist of your question. My personal feeling is that sooner or later the owners of the mis-managed devices in question will be held to the legal definition of negligence which covers the "failure to take safe guards used by a reasonable and prudent individual".I don't think that this is the case. Not that it couldn't be the case, but if we say, Use "spammer" in place of worm host,,, Many of us feel that spamming as it is practiced (just about every way possible) is not proper network use, and is in fact willful mismanagement. No one is actually being taken to task, so many folks have adopted a somewhat passive strike back by using black hole lists to disallow access to their sections of the network. Isn't this sort of the same thing? --------------------------------------------------------------------------- - *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents --------------------------------------------------------------------------- -
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+0tenzejBliQ3SdsRAjyNAKC7kSOqAnwnuYNgpRUXHBuLWz1rewCfRG75 xTERx+wBgQsYLU7W4Uvs6vY= =rqBA -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: A question for the list..., (continued)
- Re: A question for the list... Valdis . Kletnieks (May 25)
- Re: A question for the list... Dave Booth (May 22)
- Re: A question for the list... Kevin Reardon (May 22)
- Re: A question for the list... Brian Finn (May 22)
- Re: A question for the list... Kevin Reardon (May 23)
- Re: A question for the list... Brian Finn (May 22)
- RE: A question for the list... King, Brian (May 22)
- Re: A question for the list... Kevin Reardon (May 23)
- Re: A question for the list... Stephen P. Berry (May 23)
- Re: A question for the list... Jimi Thompson (May 23)
- Re: A question for the list... Chip Mefford (May 26)
- Re: A question for the list... Ray Stirbei (May 27)
- RE: A question for the list... Jonathan A. Zdziarski (May 28)
- RE: A question for the list... ktabic (May 29)
- RE: A question for the list... Rob Shein (May 29)
- RE: A question for the list... Russell Harding (May 30)
- RE: A question for the list... Russell Harding (May 30)
- Re: A question for the list... Chip Mefford (May 26)
- Re: A question for the list... Jeff (May 29)
- RE: A question for the list... Jonathan A. Zdziarski (May 29)