Security Incidents mailing list archives

Re: RPAT - Realtime Proxy Abuse Triangulation

From: Mathias Wegner <mwegner () cs oberlin edu>
Date: Tue, 24 Dec 2002 12:21:31 -0500

I would be very nervous about running this, remote SNMP queries of someone
elses system (say a .gov or .mil proxy) may be considered illegal activity
in some jurisdictions.


Depending on the SNMP daemon, it would/should be as illegal as opening an ssh
investigating the system from the command line.  Most SNMP offers at least
some amount of configuration via the read/write community.  I know that when
I see SNMP queries on network hardware that I manage, I consider it hostile
activity.

mathias

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

RPAT - Realtime Proxy Abuse Triangulation Stephen Friedl (Dec 20)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kurt Seifried (Dec 24)
  - Re: RPAT - Realtime Proxy Abuse Triangulation Mathias Wegner (Dec 27)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 27)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Kevin Reardon (Dec 27)
    - RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 30)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Gary Flynn (Dec 30)
    - RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 30)
    - Re: RPAT - Realtime Proxy Abuse Triangulation Syzop (Dec 30)
- <Possible follow-ups>
- Re: RPAT - Realtime Proxy Abuse Triangulation Stephen Friedl (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 30)
  - Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)

(Thread continues...)