It gives me great pleasure to report an "individual" who is scanning
for a Trojan. Even more to have their time wasted trying to penetrate.
It must be frustrating for them. Then even more to find they have
been contacted.
----- Original Message -----
From: "Michael E. Cummins" <[EMAIL PROTECTED]>
To: "Firewalls Mailing List" <[EMAIL PROTECTED]>
Sent: Friday, February 18, 2000 6:52 PM
Subject: RE: Spock: We are being Scanned Captain:-))
> door is say unlocked and the passer by sees that.. IMHO the
punishable
> per se crime does not occur until the said individual actually opens
the
> door physically/virtually and jumps into the vehicle 'without keys
and
> authorization' naturally. then the meter starts running and the
> infringements
> begin to occur..
First off, I am not the law and I am not punishing anyone. When I see
someone advancing in a threatening manner I take measures to obfuscate
myself and report the matter to the appropriate authorities minus the
overboard "Chicken Little" panic.
Secondly, if someone is walking up and down the beach eying everyone's
car
door locks, I would rather have my eye on *them*
Thirdly, if you *must* explain everything with analogies... Viewing
the car
lock is a passive act. Scanning my ports is an active act, and a
malicious
one at that if it is obvious to me that you are looking for machines
that
are infected with Trojans. I think that Frederick is dead on with
*his*
analogy about jiggling the doorknobs. If someone jiggles *my*
doorknobs, I
want to have security cameras on the building 24/7 and a Billy Jo-Bob
Redneck running around the premises with a shotgun!
It all boils down to, methinks, a difference of opinion between
corrective
and preventive security measures. It seems to me that you recommend
being
violated before taking action, that you view reacting to port scans as
an
infringement on basic community rights and freedoms. I recommend a
standoffish but very-aware attitude unless the intruder is obviously
looking
for something nefarious, as was my case. (A pretty poor attempt if
the
words "NetBus-Pro and Backdoor-G1" actually show up in my logs) Any
attempt
to profile my system will result in a short letter to the offender's
ISP, if
it can be identified. This will at least contribute to weeding out
the
moronic script kiddies. If the intruder is spoofing his probe to
begin
with, you've got more worries anyway. In *that* case I suppose the
best
offense is a good defense.
Is this true, or do you wish to further clarify your point?
Please post to the group, this is fascinating stuff.
,_,
(O,O)
( )
-"-"---------------------------------------------------------------
| From the Desk of Michael E. Cummins |
| |
| WEBSITE: http://www.i-magery.com |
| E-MAIL: mailto:[EMAIL PROTECTED] |
| |
| "The main thing is to keep the main thing, the main thing" |
| - Albert Einstein |
| |
| "Si hoc legere scis numium eruditionis habes" |
-------------------------------------------------------------------
====================================================
And for you automated email spammers out there,
here are the email addresses of the current board of
the Federal Communications Commission:
Chairman William Kennard: [EMAIL PROTECTED]
Commissioner Susan Ness: [EMAIL PROTECTED]
Commissioner Harold Furchtgott-Roth: [EMAIL PROTECTED]
Commissioner Michael Powell: [EMAIL PROTECTED]
Commissioner Gloria Tristani: [EMAIL PROTECTED]
And let's help you send some spam to the USPS, too:
[EMAIL PROTECTED]
====================================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
