"Richard B. Gilbert" <[email protected]> writes: >Unruh wrote: >> Tim Shoppa <[email protected]> writes: >> >>> On Dec 30, 12:32=A0pm, Unruh <[email protected]> wrote: >>>> "Richard B. Gilbert" <[email protected]> writes: >>>> >>>> >>>> >>>> >>>> >>>>> Tim Shoppa wrote: >>>>>> On Dec 29, 10:47 pm, [email protected] (Danny Mayer) wrote: >>>>>>> Antonio, >>>>>>> If you are really from nic.br please use your email address from that >>>>>>> domain. It is unacceptable to use a gmail account for such notificati= >>> ons. >>>>>>> Danny >>>>>> This is usenet, where anyone can set their "from" address to anything >>>>>> they want, and posting with an E-mail address that is adequately spam- >>>>>> filtered makes perfect sense. >>>>>> I'm not sure there's any real requirement that anyone has to announce >>>>>> any particular e-mail address to run a NTP survey. He made the >>>>>> methodology clear, said where the queries will be coming from, and I >>>>>> think it's good that surveys continue and, like Antonio and his >>>>>> collaborators do, they make the details and results public. >>>>>> Tim. >>>>> There is no requirement that he even announce his survey! =A0It is polit= >>> e >>>>> for him to do so but no more than that. >>>> Well, Under various laws he may be guilty of hacking/cracking/illegal use >>>> fo computer time/... unless he gets permission. There has at least been a >>>> strong feeling by many expressed that access does not imply permission. I= >>> e, >>>> just because the ntp port is open does not mean that anyone has permissio= >>> n >>>> to use that port (eg is port scanning legal?). It is of course a complete= >>> legal can of worms. >>>> But announcing the survey here might be useable as a partial defense =A0i= >>> f >>>> the worms wriggled out of the can. >> >>> Bill - >>> NTP surveys are good things. NTP Surveys that publish their results >>> are even better. A NTP client is a server. Port scanning is bad. >> >> I do not dispute that and I suspect that any court would take that position >> as well. I am hypothesising that one of the reasons they announced the >> survey was as one more brick in a possible defence against some prosecutor >> in some jurisdiction accussing them of hacking. >> >> There have been interminable arguments as to whether or not port scanning >> should be criminalised. That would almost certainly extend to this kind of >> survey. I think it would be a very bad idea to criminalise port scanning, >> but many people think otherwise. >>
>Port scanning, very occasionally, has legitimate purposes. I once used >a port scanning program to find out what port(s) a copier/printer used. > It did not use the standard port that I expected but the port scan >told me what I wanted to know. >Now port scanning something that is not yours, if not criminal, is >certainly extremely bad manners and suggests that you have nefarious >intentions. It goes on all the time! I have a router/firewall that Well, the ntp survey is a "port scan " (one port, but getting no trivial information from it). Any law would have a hard time differentiating between the "port scanning that is not yours" and the ntp survey. >blocks all incoming traffic unless the connection was initiated from >inside the firewall. I occasional look at the logs just for grins. >Somebody is banging on that box every ten seconds or so, twenty-four and > seven! Not all the people banging on that box are running port scans, >of course, most of them seem to be trying ports 1028 and 1029; I think >they may have something to do with instant messaging. >My external address is assigned by DHCP and has changed many times over >the years. I have no idea what it is at the moment and don't really >care. It enables the machines I want to talk to to reply to me. If I >really wanted to get into my network from outside, I could configure the >router to allow it but I have never done so and doubt that I ever will! _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
