----- Original Message -----
From: Paul D. Robertson <[EMAIL PROTECTED]>
To: P L STEINBRUCH <[EMAIL PROTECTED]>
Cc: Derek Martin <[EMAIL PROTECTED]>; Paul L. Lussier
<[EMAIL PROTECTED]>; William Joynt <[EMAIL PROTECTED]>; Bill Joynt
<[EMAIL PROTECTED]>; Dave Gillett <[EMAIL PROTECTED]>; Firewall list
<[EMAIL PROTECTED]>; Paul L. Lussier <[EMAIL PROTECTED]>
Sent: Saturday, July 24, 1999 12:35 PM
Subject: Re: trial & charges
> On Sat, 24 Jul 1999, P L STEINBRUCH wrote:
>
> > Paul.
> >
> > In this case you have caracterized a DoS using port scanning , don't you
?
> > IMHO , this is a little bit different than just do a port scanning ,
......
>
> The point is that a *single packet* from a portscan can cause a DoS -
> that's "just do a port scan" in my book - how isn't it in yours?
Sure , at least due to the agregate volume , but again this "part of the
job" in the way I was seeing it , but
>
> > > users, and poorly-written stacks in such equipment can die when handed
> > > fragmented packets typically used for "stealth scanning."
>
> In my case, I came across the CISCO IOS bug that meant a fragmented packet
> to syslog's port would bring down the routers.
>
> I wasn't *trying* to flood the network during a scan, in fact I was trying
> to do no harm at all. As I said, I was doing a sanctioned scan - I _knew_
> what equipment was at the other end (but I didn't check for versions prior
> to scanning - now that's on my list) and I _still_ brought down the
> provider. How can you say that someone with no idea of what he or she is
> sending packets at will do no harm?
here I think you make a point , thank you.
>
> A simple port scan *can* do harm. There's no doubt that somewhere
> someone has equpiment that's affected by other types of scans- you can't
> *know* the scan won't cause harm, and without permission it's _at_least_
> morally wrong
Yes I do agree , but was not morality that was in question (I think it is
moraly wrong "just try the door's knob of your neighbor" *and* it is not
"illegal" in some situations - for instance , if it is not implying in
trespassing the
property limits)
Anyway , as I said before , you make a point. If someone must crash , let it
be crashed by another one who is
"autorized" to do that - even if the later do not intend to do that - sounds
crazy but it is logic , right , and legal.
if not legally wrong (at least in some jurisdictions it is -
> and people in those jurisdictions have every right to file a lawsuit.)
>
> Paul
> --------------------------------------------------------------------------
---
> Paul D. Robertson "My statements in this message are personal
opinions
> [EMAIL PROTECTED] which may have no basis whatsoever in fact."
>
PSB#9280
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
