nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Netgate.net.nz/ORBS spam colusion

From: "Alex P. Rudnev" <alex () virgin relcom eu net>
Date: Sun, 9 Jan 2000 21:04:30 +0300 (MSK)

Hmm, what does mean _PROBE? If my Unix open TCP connection with You windows, it
does not mean I probe YOUR property; this deal concern this twoi OS only... I do
not think anyone except may be Americal lawers (ORBS are out of their scope) can
accuse them; they only run some anty-relkaying system, not more...


It looks like Y2K problem. Don't be too paranoyed about them; block them if
they bother you, and forget this problem. Even if some lawers can open the
suite, it's 100% useless.



On Sat, 8 Jan 2000, Dean Anderson wrote:


Date: Sat, 08 Jan 2000 17:30:15 -0500
From: Dean Anderson <dean () av8 com>
To: Owen DeLong <owen () dixon delong sj ca us>, wsimpson () greendragon com,

     william () dso net

Cc: nanog () merit edu
Subject: Re: Netgate.net.nz/ORBS spam colusion


Around 08:14 AM 1/8/2000 -0800, rumor has it that Owen DeLong said:



However, I must question whether the activity Dean discusses is actually
criminal.  He does not accuse them of carrying out the attacks, he
accuses them of transporting information published by a third party
which notifies the world that his site is vulnerable to these attacks.


Umm, for the record, I do make such an accusation. When they probe a
non-public government computer, they are violating 18 USC 1030 Sections
2(b), 2(c), and 3.  Those are criminal violations.  You simply may not
probe government computers. Doing so is immediately a crime.  The $5000
limit is only for non-government computers.

Then they do other things, some of which are criminal (fraud is criminal),
and some of which may not be.


Since Dean has published information to NANOG and other public forums
stating that:
    1.      His sites _ARE_ vulnerable.


My customer shell servers' telnet sessions are vulnerable to password
theft, and password guessing. So are yours. So what?


    2.      He has no willingness to fix these vulnerabilities.


There isn't anyway to fix them.  There may be a protocol extension in the
future, but its not here yet.  I've been through this with 50 people in the
last 6 months.  That doesn't permit others to exploit them.


    3.      He intends to make the internet at large responsible
            for his negligence WRT these sites.


We have no negligence. And we do not hold the internet at large
responsible. Just those that exploit protocol vulnerabilites, and those who
assist with the exploitation.  If your customer commits crimes, and you
don't do anything about it after complaints are made, I expect that you
bear responsibility and liability.


I seriously doubt that publishing a list of known public-nuissances
is genuinely illegal.  Further, unless Dean has presented netgate
with a court-order showing that the court has indeed found said
activity to be illegal, I think they would be negligent in turning
off said service.


So publishing a list of sites which have vulnerabilities detected by SATAN
scans wouldn't be illegal?  Thats what you are saying.

As far as court orders go, the point of this discussion is to make sure we
have exhausted all non-litiguous options.


How would you like it if your ISP shut you down because I
complained to them that you were sending out messages that
contained information that was publicly available, but which
I didn't want published?  That's what Dean's really saying.


No, its not what I'm saying.  Would you object if I published a list of
your servers which could be broken into, and said that it was OK with you
to break into those systems?  I think you would.  

But if you wouldn't mind, I'll be happy to have your permission to scan
your net with SATAN and publish a web page for the script kiddies.  What
was that? You don't give me permission?  I didn't think so.



++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean () av8 com
           LAN/WAN/UNIX/NT/TCPIP          http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++




Aleksei Roudnev,
(+1 415) 585-3489 /San Francisco CA/
Previous By Date Next
Previous By Thread Next

Current thread: