Hosting Provided By

Re: RPAT - Realtime Proxy Abuse Triangulation

From: Gary Flynn <flynngn(at)jmu.edu>
Date: Sat Dec 28 2002 - 09:46:55 EST

>>I would be very nervous about running this, remote SNMP queries of someone
On the other hand, if someone exposes an snmp server to the public network with
a default community name, I'd say they're making it as accessible as an anonymous ftp server, Microsoft C$ file share with no Administrator password,
Kazaa share of entire hard drive, or telnet server with an account of "root" and no
password. I would think it would be hard to prosecute someone in such a case
when the service was made publicly available.

Not to say that incompetence is justification for criminal behavior but how is someone
poking around the net to know which doors are left intentionally opened and which
are stupid mistakes? If I'm driving down the road and see an interesting, unmarked
driveway/road and go up it out of curiosity, am I breaking a law? Surely the owners
of a service or road that don't want people in there should mark or block it.

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Mon Dec 30 12:02:58 2002

This message: [ Message body ]
Next message: Rob Shein: "RE: RPAT - Realtime Proxy Abuse Triangulation"
Previous message: Rob Shein: "RE: RPAT - Realtime Proxy Abuse Triangulation"
In reply to Mathias Wegner: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Next in thread: Rob Shein: "RE: RPAT - Realtime Proxy Abuse Triangulation"
Reply: Rob Shein: "RE: RPAT - Realtime Proxy Abuse Triangulation"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:55 EDT