[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [novalug] Probing of a server, Unethical , wrong, should I persueit??
- To: "Miles D. Oliver" <moliver @ linux . lgi . com>
- Subject: Re: [novalug] Probing of a server, Unethical , wrong, should I persueit??
- From: Maxwell Spangler <maxwell @ clark . net>
- Date: Fri, 31 Dec 1999 13:56:05 -0500 (EST)
- cc: novalug @ tux . org
- In-Reply-To: <00d301bf53bb$03d2ce40$8e39accf@oliver1>
- Sender: owner-novalug @ tux . org
On Fri, 31 Dec 1999, Miles D. Oliver wrote:
> When thanked for his help we later found that he took it upon himself to
> 'probe' the server for open and responding ports. After a time period we
> discovered the refused attempts and since he was part of the mailing list he
> was questioned about the 'probe'. He immediately took offense and decided
> to take a belligerent approach to things and the group wishes me, who runs
> the serve to report it to his company superiors of his actions. He works for
> an ISP.
>
> To me, probing like this is unethical and I do want to pursue it as he feels
> nothing wrong in what he has done and conversations are degrading into the
> toilet about his actions.
I think the most important thing to consider in your situation is intent.
If someone you trusted probed your computer and then wrote you a note stating
that some vital service was open, you would probably not want to press charges
or have their ISP close their account.
On the other hand, if someone with a known past of breaking into computers in
order to steal information or damage them was probing your computer, you
would probably handle the situation differently.
In this case, you've got someone whose intentions are unknown. He might have
just gotten curious about how well you run your system and decided to probe
you. He might have then responded with a message about it in order to make
him look like a more capable administrator--a little battle of the egos. A
lot of ego battles happen on mailing lists, you know :)
One thing you might have done is to open a few services in controlled ways and
let the intruder into a controlled environment. Then you could watch and log
his actions. If he starts trying to damage things, you obviously know what
his intentions are and you can take whatever actions you are feel are
appropriate without doubting yourself.
Regardless, I think you know that your first responsibility is to secure your
systems so that no one can break into them in the first place. Seems like
you've done that. Securing your systems and ignoring attempts and failed
breakins is a lot easier than cleaning up whatever mess is left after someone
does get in.
---------------------------------------------------------------------------
Maxwell Spangler, Program Writer Greenbelt, Maryland USA
** Happy New Year! :) Please visit http://www.thehungersite.com/ **
Just by visiting you can give food to those in need without any cost to you.
To unsubscribe, send a message to esquire@tux.org with
unsubscribe novalug
as the BODY of the message. The SUBJECT is ignored.