On 19 Jul 99, at 9:08, Bill Stackpole wrote:
> Last time I checked, scanning or probing a system for security flaws,
> isn't illegal (at least in this state it isn't).
As I recall, Randall Schwartz got in trouble for "scanning or probing" his
then-employer's "system for security flaws" WITHOUT AUTHORIZATION....
While one may argue that it is not illegal to "rattle a doorknob to
determine whether it is locked", in practice it could very well be illegal
to *open that door* -- and I wouldn't give odds on convincing a court that
that wasn't what you were trying to do.
To the extent that the claim "it isn't illegal" is true, I don't believe
it's useful, and I kind of wish people would stop repeating it.
> So the only thing you can do is let the ISP know that the activity is
> going on.
Regardless of any criminal legality, such activity is a violation of most
ISPs' Terms of Service. I figure that most script kiddies will decide it's
not much fun after the third or fourth time explaining to their parents why
the family needs a new ISP again -- and so will never become a more serious
threat. We can discourage a whole lot of wannabes for a fraction of what
has been spent so far on catching and incarcerating Kevin Mitnick.
So notifying the ISP isn't some last resort that we should be turning to in
reluctant desperation -- it's our most readily available mechanism for
discouraging wannabes before they do much damage.
> Try to include the date, time and IP address so they can look up the
> user in their RADIUS accounting log (assuming they use accounting).
With most ISPs using dynamic allocation of IP addresses to dial-up
sessions, your problem report is a complete waste unless you can include
date, time (remember about time zones or use UTC!) and IP address. Ideally,
your log will show all three, right?
> I'd encourage everyone to do this every time they see a problem because I
> believe (and I am not an attorney so check this out with yours) it is
> possible to hold the ISP liable for damages their subscribers do if they
> knew about the activity and did nothing to correct it.
If you've suffered damages enough to make it worthwhile going after the ISP,
your business may never recover. There's a name for companies whose business
plan relies on suing other businesses for damages incurred by their negligence
-- History.
[I agree with the recommendation to contact the ISP, but I completely
disagree with the reasons you've chosen to give.]
David G
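
Added example, not part of the original message: one way to turn firewall deny lines into the date, UTC time and source IP that an ISP needs to match a dynamic dial-up address against its accounting log. The log format, the sample lines and the `utc_offset_hours` parameter are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample: deny lines in a made-up firewall log format,
# stamped in the firewall's local time with no zone information.
SAMPLE_LOG = """\
1999-07-19 21:58:03 DENY tcp 192.0.2.45:1042 -> 198.51.100.7:23
1999-07-19 21:58:04 DENY tcp 192.0.2.45:1043 -> 198.51.100.7:111
1999-07-19 22:10:40 ALLOW tcp 203.0.113.9:2200 -> 198.51.100.7:80
1999-07-19 23:59:59 DENY tcp 192.0.2.45:1050 -> 198.51.100.7:143
1999-07-20 00:03:12 DENY udp 203.0.113.77:53 -> 198.51.100.7:53
this line is malformed and is skipped
"""

LINE_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) DENY (\w+) "
    r"(\d+\.\d+\.\d+\.\d+):\d+ -> \d+\.\d+\.\d+\.\d+:(\d+)$"
)

def summarize_probes(log_text, utc_offset_hours):
    """Group DENY lines by source IP with first/last seen converted to UTC."""
    local_zone = timezone(timedelta(hours=utc_offset_hours))
    by_source = defaultdict(lambda: {"first": None, "last": None, "ports": set()})
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # allowed traffic or unparseable line
        stamp, _proto, src_ip, dst_port = match.groups()
        local = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S").replace(tzinfo=local_zone)
        seen = local.astimezone(timezone.utc)  # the time the ISP can look up
        entry = by_source[src_ip]
        entry["first"] = seen if entry["first"] is None else min(entry["first"], seen)
        entry["last"] = seen if entry["last"] is None else max(entry["last"], seen)
        entry["ports"].add(int(dst_port))
    return dict(by_source)

def format_report(summary):
    """Render one line per source IP with UTC timestamps."""
    lines = []
    for src_ip in sorted(summary):
        e = summary[src_ip]
        ports = ",".join(str(p) for p in sorted(e["ports"]))
        lines.append(f"{src_ip} first={e['first']:%Y-%m-%d %H:%M:%S}Z "
                     f"last={e['last']:%Y-%m-%d %H:%M:%S}Z dst_ports={ports}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(format_report(summarize_probes(SAMPLE_LOG, utc_offset_hours=-5)))
```

With a firewall clock five hours behind UTC, the evening probes dated 19 July locally fall on 20 July in UTC, which is the date the ISP would need to search.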