Security Incidents mailing list archives
Re: @home: Is *anyone* really home there???
From: jpapen () YAHOO COM (Jeffrey Papen)
Date: Thu, 24 Feb 2000 16:24:03 -0800
<SNIP>
I find it interesting and discouraging that @home apparently feels free to harbor hackers and other criminals, but will not offer services to security professionals.
This is such a myopic 'poor me' view of the situation. @Home doesn't allow anyone to do these activities. Why did you bother asking? What did you expect them to say? How do they know you're legit? @Home has to have 1 policy for everyone. Ask DSL or any ISP if they'll allow you to hack (even your own company) from their phone lines and they'll tell you the same thing. Why do you feel the need to single out @Home? Case in point - how many ISPs stopped offering shell accounts for this very reason. They were a great tool for the average user and gold for a hacker. Either way it doesn't matter because they won't block you. Unlike other services (DSL) @Home only blocks inbound ports 137-139 and 1080 on your cable modem. Everything else is fair game. @Home isn't "harboring" hackers. @Home has as many hackers as UUNet, Sprint, C&W, or any other ISP.
I guess we just have to mark them down as "bad guys" until they learn to play nice on the Net.
WHAT?!? Ok, then let's call every other ISP a "bad guy" too. No ISP (with the possible exception of deamon.co.uk) says it's cool to hack. Everyone is going to give the same acceptable use policy. I personally believe that there is only 1 acceptable use policy and everyone just copies it. \ Either way I can't honestly believe that for $40 / month you get unlimited bandwidth and are now going to piss and moan that the mean old ISP said I can't do something I want. Go ahead and do it. What's the worst they'll do to you? Nothing. Absolutely nothing. If they tell you to stop, go get DSL. When DSL tells you to stop, get a leased line from an ISP. When the ISP tells you to stop, get a direct connect to your company and copy the same access-list to your access router as you have on your internet access router(s). If the day ever comes that @Home comes down on your for testing your own companies network (and no one complains to @Home about you doing it), I'll buy you a beer. Hell, I'll deliver the beer personally and you can tell me what a jerk I am. - Jeffrey
Cheers, Phil
===== Yahoo Network Engineering work: 408-616-3897 page: 408-619-0572 cell: 650-580-2684 email: jeffrey () papen com beep: page-jeffrey () papen com __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com
Current thread:
- Re: @home: Is *anyone* really home there???, (continued)
- Re: @home: Is *anyone* really home there??? Jeffrey Papen (Feb 24)
- Re: @home: Is *anyone* really home there??? Jeffrey Papen (Feb 24)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 25)
- Re: @home: Is *anyone* really home there??? Greg A. Woods (Feb 28)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 28)
- Re: @home: Is *anyone* really home there??? David Kennedy CISSP (Feb 28)
- TIS and fingerprinting Dino Amato (Feb 28)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 28)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 25)
- ssh wierdness spiff (Feb 26)
- Re: ssh wierdness Markus Friedl (Feb 28)