Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Code Red attacks

From: Erek Adams <erek () theadamsfamily net>
Date: Mon, 17 Sep 2001 15:22:26 -0700 (PDT)
On Mon, 17 Sep 2001, Jason Withrow wrote:


What is the legal issue, it is a purely defensive mechanism.


Well...  I'm not a lawyer, but:  You're doing _something_ to someone elses
machine--Uninvited.  That in and of itself can put you in a lot of legal
hotwater, depending on the remote sites security policy.  Now, I'm not arguing
the morality of what you're doing, or what you intend to do, but the act of
accessing someone elses stuff without consent puts you into the same class as
a 'hacker' in a lot of corportate security policy eyes.

Instead, "Do the Right Thing".  :)  Anyone from your local subnets, give them
a call.  Most of the CR{I,II,III} tend to target the local subnets over remote
ones.  A quick use of whois and traceroute will usually give you a fair idea
of where someone is at physically.

Or simpler, block them at the router.  ;-)

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: