> Just curious what other think about the rattling door knobs question. Is it
> wrong to probe a system for security flaws if you have no evil intent? I
> check my neighbor's doors when they are on vacation to make sure no one has
> broken in, look in the windows to make sure everything is normal. Does that
> make me a criminal? I doubt it.
I think the key is do you have permission to rattle the doorknobs. If
you do great, if you don't then no matter how benign your intent, it
will still be looked upon with suspcion, and depending on whose
doorknobs you rattle you might get a visit from the local law
enforcement agency.
>
> Over the years, I've called many a company to inform them of potential
> security risks I have observed. Some have come to me in the mail, some as
> extraneous packets on my Internet connection and others as the result of my
> testing the effectiveness of certain security tools.
>
> I do such things to help people build more secure systems. I'm interested
> in what others think about the ethics or criminality of such conduct.
>
> Your comments.
>
>
>
>
> > -----Original Message-----
> > From: Rabid Wombat [SMTP:[EMAIL PROTECTED]]
> > Sent: Monday, July 19, 1999 6:45 PM
> > To: Bill Stackpole
> > Cc: [EMAIL PROTECTED]
> > Subject: RE: Response to hack attempt?
> >
> >
> > This is why setting up a "bait" system with a chroot "jail" is a good
> > idea. If you can't nail them for probing, you get a chance to nail them
> > for hacking into the (deliberately weakened) system, and have logs to show
> > what they try to do from there. Probing may be akin to rattling the
> > doornob to see if it's locked, but hacking the bait system is B&E.
> >
> > -r.w.
> >
> >
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
