Re: RPAT - Realtime Proxy Abuse Triangulation

[Kevin Reardon <Kevin.Reardon () oracle com>]

Is not SNMP used to manage the Internet?  I would think that queries on 
public would not be illegal at all.  More like a passerby looking at the 
 sign on the door.  Breaking into the system into the read/write 
community might land you in the clink (or if somebody got rambunctious, 
in Cuba).

---K

Jay D. Dyson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, 24 Dec 2002, Mathias Wegner wrote: 
>
>
> > > I would be very nervous about running this, remote SNMP queries of
> > > someone elses system (say a .gov or .mil proxy) may be considered
> > > illegal activity in some jurisdictions.
> > Depending on the SNMP daemon, it would/should be as illegal as opening
> > an ssh investigating the system from the command line.  Most SNMP offers
> > at least some amount of configuration via the read/write community.  I
> > know that when I see SNMP queries on network hardware that I manage, I
> > consider it hostile activity. 
>
>         Color me jaded, but if someone has an open proxy and spam is
> spewed my way via that avenue, it's a pretty fair bet that the system I'm
> scanning is run by an admin who -- whether through ignorance or sloth --
> doesn't know or do jack about securing or monitoring his system. 
> Moreover, open is open; whether a relay, proxy or anonymous FTP server. 
> It is impossible to be charged with breaking and entering when there's no
> breaking involved. 
>
>         With that in mind, I would not waste any time or energy worrying
> about whether or not my scan would be picked up.  Let's face it, a spammer
> just spewed through the idiot's proxy.  Yet we're supposed to believe that
> this otherwise lazy dope now possesses the Eagle Eye of All Intrusion
> Detection Systems?  Maybe I'm just cynical, but I really doubt it.
>
>         All that said, I should point out that I am not a lawyer.  I
> prefer to make an honest living. 
>
> - -Jay
>
>    (    (                                                         _______
>    ))   ))   .-"There's always time for a good cup of coffee."-.   >====<--.
>  C|~~|C|~~| (>------ Jay D. Dyson - jdyson () treachery net ------<) |    = |-'
>   `--' `--'  `How about a 10-day waiting period on YOUR rights?'  `------'
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (TreacherOS)
> Comment: See http://www.treachery.net/~jdyson/ for current keys.
>
> iD8DBQE+DJooTqL/+mXtpucRAjy+AKCZ9eiSmvKyuSzZuNX9hbXTF9IDRACg4/gN
> 2Gs+0tVYEQqykUc+/AUgFBg=
> =/ofa
> -----END PGP SIGNATURE-----
>
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management 
> and tracking system please see: http://aris.securityfocus.com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com