Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)

["abel" <able () able-towers com>]

Hmmm.

If someone threatens me with a gun, according to the laws of most countries,
I am allowed to defend myself, even if it is by blowing his head off with a
bigger gun.
One of the nice things on the internet was that, setting aside the
scriptkiddies and their adolescent behaviour, people reacted differently.
However we caught up with real life, as was to be expected and we are no
longer talking about the need to shoot back, but the size of the gun.

Why would we look upon the idea of a "code-green" variant, whichever it will
be as "immoral" and "unethical" ?
If your son decides to have unprotected sex at age 15, do you hand him a
condom and explain why he should use, despite the fact that he is legally to
young ? Or do you let him do whatever he had planned and run the risk of
catching another sort of virus ?
Moral and ethics turn any discussion into a geese and gander story and it
should not be the point.

So many brilliancy on these lists, more then anyone could ever start to
imagine, and yet we are stuck in a discussion about ethics and morals where
we could work on the given and find a solution from there.

It has long been clear that large conglomerates, beit ISP's or software
vendors, do not really care for "your" problems.
the @home reaction is just as typical as the M$ reaction.
When someone blows your T1/T3 out of the cable through a simply started dDoS
just because they want to, or they believe that one of the services you host
has been "not nice", the reaction of those same "conglomerates is that "they
cannot filter" for numerous reasons, but a bill for bandwidth is
forthcoming.

Down from soapbox and back to brilliance, is it really so hard with a
combined effort, to create a retaliation program that does less then what is
happening now and stays withing ethic boundries ?

I for one would not like anything crawling into my servers, well intended or
mal-intended.
But.... with all those servers we also control a lot of routers, a lot of
"deny" files, wouldn't it feasible to "register" the "probe" as we do now
and instead of analyzing or retaliating with a "friendly" worm, we would
immediately update our routingtables and filters ?
not theirs, ours. Limiting the ip access to our routers and or services.
The way i see it is that a: the  users would start complaining pretty soon
when he can not go where he wants anymore and i let you have 3 guesses as to
where he goes with that complaint.
The idea is based on irc sub7 scans and subsequent banning, it works
erasnable there, why not with all these resources would it work here ?

anyway, just my ramblings, i've always been against shooting back, before
you know it they buy canons and outmatch my .44

abel wisman

P.S. if someone really feels this should be discussed beyond the timelimit
set by BB, i am gladly willing to set up a forum or whatever medium you
want, just holler

AW