RE: RPAT - Realtime Proxy Abuse Triangulation

["Rob Shein" <shoten () starpower net>]

This is fundamentally flawed logic.  To cite a physical-world
equivalent, just because a door isn't locked doesn't make entering it
against the wishes of the occupant anything other than breaking and
entering, plus unlawful entry if you have illegal intent upon entering.
The law does not recognize that failure to properly defend against
criminal behavior means that you surrender all the protective means
afforded by the criminal justice system.

> -----Original Message-----
> From: Gary Flynn [mailto:flynngn () jmu edu] 
> Sent: Saturday, December 28, 2002 9:47 AM
> To: Mathias Wegner
> Cc: Kurt Seifried; Stephen Friedl; incidents () securityfocus com
> Subject: Re: RPAT - Realtime Proxy Abuse Triangulation
>
>
> Mathias Wegner wrote:
>
> > > I would be very nervous about running this, remote SNMP queries of 
> > > someone elses system (say a .gov or .mil proxy) may be considered 
> > > illegal activity in some jurisdictions.
> > >    
> >
> > Depending on the SNMP daemon, it would/should be as illegal 
> as opening 
> > an ssh investigating the system from the command line.  Most SNMP 
> > offers at least some amount of configuration via the read/write 
> > community.  I know that when I see SNMP queries on network hardware 
> > that I manage, I consider it hostile activity.
> >  
> On the other hand, if someone exposes an snmp server to the public 
> network with
> a default community name, I'd say they're making it as 
> accessible as an anonymous ftp server, Microsoft C$ file 
> share with no Administrator 
> password,
> Kazaa share of entire hard drive, or telnet server with an account of 
> "root" and no
> password. I would think it would be hard to prosecute someone 
> in such a 
> case
> when the service was made publicly available.
>
> Not to say that incompetence is justification for criminal 
> behavior but 
> how is someone
> poking around the net to know which doors are left 
> intentionally opened 
> and which
> are stupid mistakes? If I'm driving down the road and see an 
> interesting, unmarked
> driveway/road and go up it out of curiosity, am I breaking a 
> law? Surely 
> the owners
> of a service or road that don't want people in there should mark or 
> block it.
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus ARIS analyzer 
> service. For more information on this free incident handling, 
> management 
> and tracking system please see: http://aris.securityfocus.com


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com