Re: Scanning the Internet for Vulnerabilities

2022-06-22 Thread John Curran 
Barry -

I did not say “obligation” - enforcement of laws is always modulated by local 
factors
 (just look at the formal decision not to prosecute “minor” crimes in some 
cities) - 
but rather said that police will pursue in many jurisdictions.   This is 
particularly true 
in cases where the perpetrator is still on the premises to be taken into 
custody.

Yes, there are indeed places in the physical world where legal recourse against 
a 
perpetrator is becoming less likely (just as it is on the Internet); this is 
particularly 
disappointing given that legal recourse is recognized as a basic human right.

Thanks,
/John

Disclaimers: my views alone.  Use/reuse/delete as desired. 
Contents may be hot; use caution when handling.

> On Jun 22, 2022, at 5:45 PM, b...@theworld.com wrote:
> 
> 
>> On June 22, 2022 at 10:35 jcur...@istaff.org (John Curran) wrote:
>> Barry - 
>> 
>> 
>>There is indeed a metaphor to your “rattling doorknobs", but it’s not
>>pretty when it comes to the Internet…   
>> 
>>If you call the police because someone is creeping around your property
>>checking doors and windows for 
>>possible entry, then they will indeed come out and attempt to arrest the
>>perpetrator (I am most certainly 
>>not a lawyer, but as I understand it even the act of opening an unlocked
>>window or door is sufficient in many 
>>jurisdictions to satisfy the “breaking the seal of the property” premise
> 
> One can find a lot of articles and court decisions which amount to no,
> the police have no such obligation despite people's strong belief that
> they do:
> 
>  
> https://mises.org/power-market/police-have-no-duty-protect-you-federal-court-affirms-yet-again
> 
>  https://en.wikipedia.org/wiki/Town_of_Castle_Rock_v._Gonzales
> 
>  (not even if you have a restraining order against the person)
> 
> etc.
> 
> They do have an obligation to protect someone when they are in their
> custody but that's about it.
> 
> The recent behavior of the Uvalde police standing around while
> children were being shot may not have been their proudest moment but
> they violated nothing by doing so.
> 
>  https://www.thenation.com/article/society/uvalde-police-supreme-court/
> 
> So let's try to extrapolate that to the internet and LEOs...good luck!
> 
>>and warrant charging under breaking 
>>and entering statues.)
>> 
>>Now welcome to the Internet…  paint all your windows black, remove all
>>lighting save for one small bulb
>>over your front entry.   Sit back and enjoy the continuous sounds of
>>rattling doorknobs and scratching at 
>>the windows.
>> 
>>If/when you find a digital culprit creeping around inside the home, your
>>best option is burn down the place 
>>and start anew with the copies you keep offsite in storage elsewhere.  
>>Similarly if you find a “trap” (e.g., 
>>a phishing email) placed on your patio or amongst your mail… discard such
>>cautiously and hope your 
>>kids use equal care. 
>> 
>>“Best practice” for handling these situations on the Internet is
>>effectively to cope as best you can despite
>>being inundated with attempts – i.e. most Internet security professionals
>>and law enforcement will tell you
>>that the idea of actually trying to identify and stop any of the culprits
>>involved is considered rather quaint
>>at best – i.e. we’re instead going to engage in the worlds longest running
>>game of “whack-a-mole” by just
>>blocking their last known website/mail server/botnet and the wishing for
>>the best…  
>> 
>> 
>> Enjoy your Internet! 
>> /John
>> 
>> Disclaimers:  My views alone - use, reuse, or discard as desired.   
>>  This message made of 100% recycled electrons. 
>> 
>> 
>>On 22 Jun 2022, at 12:04 AM, b...@theworld.com wrote:
>> 
>> 
>>When I lock the doors etc to my home I'll often mutter "ya know, if
>>someone is rattling my door knob I already have a big problem."
>> 
>>I suppose when I'm home it might give me a warning if I hear it.
>> 
>>There must be a metaphor in there somewhere.
>> 
>>I do recall as a teen noticing that one of the closed store's on the
>>main drag's door was unlocked late one night walking home (this was in
>>NYC.)
>> 
>>I saw a cop and told him and he scolded me angrily for rattling door
>>knobs, I could be arrested for that! But verified it, looked around
>>inside with his flashlight, and called it in.
>> 
>>I forget how I noticed but I wasn't in the habit of rattling stores'
>>door knobs, I think the door was just a bit ajar.
>> 
>>There must be a metaphor in there somewhere.
>> 
>>On June 21, 2022 at 10:01 mpal...@hezmatt.org (Matt Palmer) wrote:
>> 
>>On Mon, Jun 20, 2022 at 02:18:30AM +, Mel Beckman wrote:
>> 
>>When researchers, or whoever, claim their scanning an altruistic
>>service,
>>I

Re: Scanning the Internet for Vulnerabilities

2022-06-22 Thread bzs 


On June 22, 2022 at 10:35 jcur...@istaff.org (John Curran) wrote:
 > Barry - 
 > 
 > 
 > There is indeed a metaphor to your “rattling doorknobs", but it’s not
 > pretty when it comes to the Internet…   
 > 
 > If you call the police because someone is creeping around your property
 > checking doors and windows for 
 > possible entry, then they will indeed come out and attempt to arrest the
 > perpetrator (I am most certainly 
 > not a lawyer, but as I understand it even the act of opening an unlocked
 > window or door is sufficient in many 
 > jurisdictions to satisfy the “breaking the seal of the property” premise

One can find a lot of articles and court decisions which amount to no,
the police have no such obligation despite people's strong belief that
they do:

  
https://mises.org/power-market/police-have-no-duty-protect-you-federal-court-affirms-yet-again

  https://en.wikipedia.org/wiki/Town_of_Castle_Rock_v._Gonzales

  (not even if you have a restraining order against the person)

etc.

They do have an obligation to protect someone when they are in their
custody but that's about it.

The recent behavior of the Uvalde police standing around while
children were being shot may not have been their proudest moment but
they violated nothing by doing so.

  https://www.thenation.com/article/society/uvalde-police-supreme-court/

So let's try to extrapolate that to the internet and LEOs...good luck!

 > and warrant charging under breaking 
 > and entering statues.)
 > 
 > Now welcome to the Internet…  paint all your windows black, remove all
 > lighting save for one small bulb
 > over your front entry.   Sit back and enjoy the continuous sounds of
 > rattling doorknobs and scratching at 
 > the windows.
 > 
 > If/when you find a digital culprit creeping around inside the home, your
 > best option is burn down the place 
 > and start anew with the copies you keep offsite in storage elsewhere.  
 > Similarly if you find a “trap” (e.g., 
 > a phishing email) placed on your patio or amongst your mail… discard such
 > cautiously and hope your 
 > kids use equal care. 
 > 
 > “Best practice” for handling these situations on the Internet is
 > effectively to cope as best you can despite
 > being inundated with attempts – i.e. most Internet security professionals
 > and law enforcement will tell you
 > that the idea of actually trying to identify and stop any of the culprits
 > involved is considered rather quaint
 > at best – i.e. we’re instead going to engage in the worlds longest 
 > running
 > game of “whack-a-mole” by just
 > blocking their last known website/mail server/botnet and the wishing for
 > the best…  
 > 
 > 
 > Enjoy your Internet! 
 > /John
 > 
 > Disclaimers:  My views alone - use, reuse, or discard as desired.   
 >   This message made of 100% recycled electrons. 
 > 
 > 
 > On 22 Jun 2022, at 12:04 AM, b...@theworld.com wrote:
 > 
 > 
 > When I lock the doors etc to my home I'll often mutter "ya know, if
 > someone is rattling my door knob I already have a big problem."
 > 
 > I suppose when I'm home it might give me a warning if I hear it.
 > 
 > There must be a metaphor in there somewhere.
 > 
 > I do recall as a teen noticing that one of the closed store's on the
 > main drag's door was unlocked late one night walking home (this was in
 > NYC.)
 > 
 > I saw a cop and told him and he scolded me angrily for rattling door
 > knobs, I could be arrested for that! But verified it, looked around
 > inside with his flashlight, and called it in.
 > 
 > I forget how I noticed but I wasn't in the habit of rattling stores'
 > door knobs, I think the door was just a bit ajar.
 > 
 > There must be a metaphor in there somewhere.
 > 
 > On June 21, 2022 at 10:01 mpal...@hezmatt.org (Matt Palmer) wrote:
 > 
 > On Mon, Jun 20, 2022 at 02:18:30AM +, Mel Beckman wrote:
 > 
 > When researchers, or whoever, claim their scanning an altruistic
 > service,
 > I ask them if they would mind someone coming to their home and
 > trying to
 > open all the doors and windows every night.
 > 
 > 
 > If there were a few hundred people with nefarious intent trying to 
 > open
 > your
 > doors and windows every night, someone doing the same thing with
 > altruistic
 > intent might not be such a bad thing.
 > 
 > - Matt
 > 
 > 
 > --
 >-Barry Shein
 > 
 > Software Tool & Die| b...@theworld.com | http://
 > www.TheWorld.com
 > Purveyors to the Trade | Voice: +1 617-STD-WRLD   | 800-THE-WRLD
 > The World: Since 1989  | A Public Information Utility | *oo*
 > 
 > 

-- 
-Barry Shein

Software Tool & Die| b...@theworld.com |

Re: Scanning the Internet for Vulnerabilities

2022-06-22 Thread Fernando Gont 

Hi,

While it's possible to have a discussion on the topic, I think that the 
only safe bet is that, when connected to the Internet, you'll definitely 
be subject to scanning.


I doubt there's much you want to do at a SOC about it unless it's a 
recurring situation involving a somewhat big traffic load -- in which 
case, you'd probably handle it as you'd do with a DoS attack.


Scans of one sort of another happen way to often to bother (or to afford 
to bother, if you wish) -- for instance, just a few days ago I was 
setting up an imap server, and happened to find the service being 
scanned by censys in terms of hours. For regular mass scans, you can 
normally block them proactively, via a number of feeds (abuseipdb, 
dshield, and others), if you find them as a nuissance or don't want to 
show up in the scanner's results.


As for targetted scans, the only safe bet is that you *will* be 
targetted.  So... keep the windows and doors locked. And, better, check 
if they actually are locked regularly.


Thanks,
Fernando




On 22/6/22 01:04, b...@theworld.com wrote:


When I lock the doors etc to my home I'll often mutter "ya know, if
someone is rattling my door knob I already have a big problem."

I suppose when I'm home it might give me a warning if I hear it.

There must be a metaphor in there somewhere.

I do recall as a teen noticing that one of the closed store's on the
main drag's door was unlocked late one night walking home (this was in
NYC.)

I saw a cop and told him and he scolded me angrily for rattling door
knobs, I could be arrested for that! But verified it, looked around
inside with his flashlight, and called it in.

I forget how I noticed but I wasn't in the habit of rattling stores'
door knobs, I think the door was just a bit ajar.

There must be a metaphor in there somewhere.

On June 21, 2022 at 10:01 mpal...@hezmatt.org (Matt Palmer) wrote:
  > On Mon, Jun 20, 2022 at 02:18:30AM +, Mel Beckman wrote:
  > > When researchers, or whoever, claim their scanning an altruistic service,
  > > I ask them if they would mind someone coming to their home and trying to
  > > open all the doors and windows every night.
  >
  > If there were a few hundred people with nefarious intent trying to open your
  > doors and windows every night, someone doing the same thing with altruistic
  > intent might not be such a bad thing.
  >
  > - Matt



--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint:  31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

Watch Now: NANOG 85 Talks + Leslie Daigle Joins NANOG’s Board

2022-06-22 Thread Nanog News 
*Leslie Daigle Joins NANOG’s Board*
*Daigle Fills Position After Departure of Patrick Gilmore*

Chief Technical Officer (CTO) of Global Cyber Alliance and former Chief
Internet Technology Officer (CITO) of Internet Society (ISOC), Leslie
Daigle, has joined NANOG’s board as an interim member. Daigle fills the
position left open after the departure of Patrick Gilmore.

“We look forward to having Leslie join us as an interim board member. I
believe her years of experience working with other nonprofit boards in our
sector can provide us with a unique insight as we continue to evolve our
organization, “ NANOG executive director Edward McNair said.

*READ NOW * 

*Watch NANOG 85 Now! *
*Hours of Ground-Breaking Talks From our Most Recent Meeting*

Have you subscribed to our NANOG TV Youtube channel? The NANOG 85 playlist
is now available!

*WATCH NOW
*

*NANOG 85 Pics are Now Available! *
We are delighted to have captured such memorable moments from NANOG 85!
View pictures from Sunday, Monday, and Tuesday. Stay tuned for Wednesday's
photo album.

Photo credit and a huge thank you to Cat Gurinsky, Jacomo Piccolini, Matt
Ringel, and Steve Meuse.

*N85 PHOTO ALBUM
*

[NANOG-announce] Watch Now: NANOG 85 Talks + Leslie Daigle Joins NANOG’s Board

2022-06-22 Thread Nanog News 
*Leslie Daigle Joins NANOG’s Board*
*Daigle Fills Position After Departure of Patrick Gilmore*

Chief Technical Officer (CTO) of Global Cyber Alliance and former Chief
Internet Technology Officer (CITO) of Internet Society (ISOC), Leslie
Daigle, has joined NANOG’s board as an interim member. Daigle fills the
position left open after the departure of Patrick Gilmore.

“We look forward to having Leslie join us as an interim board member. I
believe her years of experience working with other nonprofit boards in our
sector can provide us with a unique insight as we continue to evolve our
organization, “ NANOG executive director Edward McNair said.

*READ NOW * 

*Watch NANOG 85 Now! *
*Hours of Ground-Breaking Talks From our Most Recent Meeting*

Have you subscribed to our NANOG TV Youtube channel? The NANOG 85 playlist
is now available!

*WATCH NOW
*

*NANOG 85 Pics are Now Available! *
We are delighted to have captured such memorable moments from NANOG 85!
View pictures from Sunday, Monday, and Tuesday. Stay tuned for Wednesday's
photo album.

Photo credit and a huge thank you to Cat Gurinsky, Jacomo Piccolini, Matt
Ringel, and Steve Meuse.

*N85 PHOTO ALBUM
*
___
NANOG-announce mailing list
NANOG-announce@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog-announce

Re: Test email

2022-06-22 Thread Bryan Fields 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256


On 6/20/22 4:34 AM, Hank Nussbacher wrote:
> I assume the admins are testing out
> what has been blocking my emails for the past month and somehow this
> email slipped thru.  Just ignore and delete.

This was not sent by the list admin team. The email was sent via bluehost.

The MX for interall.co.il is blocking connections from the nanog list MX.

# dig +noall +answer  mx interall.co.il
interall.co.il. 7133IN  MX  0 mail.interall.co.il.

# telnet mail.interall.co.il. 25
Trying 162.241.224.86...

^C
# dig +noall +answer  -x 162.241.224.86
86.224.241.162.in-addr.arpa. 86390 IN   PTR box5171.bluehost.com.

# ping 162.241.224.86
PING 162.241.224.86 (162.241.224.86) 56(84) bytes of data.
64 bytes from 162.241.224.86: icmp_seq=1 ttl=56 time=26.5 ms
64 bytes from 162.241.224.86: icmp_seq=2 ttl=56 time=26.6 ms
^C
- --- 162.241.224.86 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 26.563/26.589/26.615/0.026 ms

# telnet mail.interall.co.il. 80
Trying 162.241.224.86...

^C

I'm open to testing further, but I don't think this is an issue on the nanog
listserver or it's network.
- -- 
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEaESdNosUjpjcN/JhYTmgYVLGkUAFAmKzURkACgkQYTmgYVLG
kUCQ3Q//YWCbiNAw7eAz0cvx771vHf//bZL31XDzNqAFyS6xAqYW5TjfqYZBcwna
UcXXc1I6nHTVL3r6yvesiSoyrZsFe0l1J9GgrZurP96kDHwyqLKXzzner+717ZNB
gQPkh/ja5YoL80JZ1z7ZVgDT4SnnRmekHK+8SJGAtsdQFfAw+qfsvPMy1XqedPod
TIiRdXTG4oWNtvFRberO+Y8TvGM2UHb8Jbb0178ej+gRuajVeJmKAqwUw3nfX60K
uUWr0ih8tzOMd9BU3+Vngvo3DoYtzr2CJKavK0z/eCUwlG3STXxHSK4L2UanBfQx
yVVj1F1TV51I5kKsixQ3kfXMRu19XoKOLDExR8Vq4Xh8z62sFhRZ5SS3ONao3L4T
/QnwVXtdR+ynm2ZXJBMoSx4HANqD1XSZri7iPlTkhzXVS2TXA+QrfJRe6RvJ2cj0
rn0pCg0j3evJ7k/+/ms6Arv5rhLx1BUZ8MYhUoujGNTghjE6yC/6OqPvJwXSnyHL
QNQnfI3acfrJ/DgZ2+QwNlPT9fiwXU3rswfxaB88JsOl5u4VagKgQIAd9m0d4cMt
0lk0bgnXRk4SFDh7FezkpxkWxQT0AQAELnNcxuVnCgRpfdTJhHH6/y8WSx9Gd7D7
r9/PYV2CIPIIJz63+TwfhG/qQ4c30VSUp6G3hCqzwCVfrGtZJIQ=
=oShZ
-END PGP SIGNATURE-

Re: Scanning the Internet for Vulnerabilities

2022-06-22 Thread John Curran 
Barry - 

There is indeed a metaphor to your “rattling doorknobs", but it’s not pretty 
when it comes to the Internet…   

If you call the police because someone is creeping around your property 
checking doors and windows for 
possible entry, then they will indeed come out and attempt to arrest the 
perpetrator (I am most certainly 
not a lawyer, but as I understand it even the act of opening an unlocked window 
or door is sufficient in many 
jurisdictions to satisfy the “breaking the seal of the property” premise and 
warrant charging under breaking 
and entering statues.)

Now welcome to the Internet…  paint all your windows black, remove all lighting 
save for one small bulb
over your front entry.   Sit back and enjoy the continuous sounds of rattling 
doorknobs and scratching at 
the windows.

If/when you find a digital culprit creeping around inside the home, your best 
option is burn down the place 
and start anew with the copies you keep offsite in storage elsewhere.   
Similarly if you find a “trap” (e.g., 
a phishing email) placed on your patio or amongst your mail… discard such 
cautiously and hope your 
kids use equal care. 

“Best practice” for handling these situations on the Internet is effectively to 
cope as best you can despite
being inundated with attempts – i.e. most Internet security professionals and 
law enforcement will tell you
that the idea of actually trying to identify and stop any of the culprits 
involved is considered rather quaint
at best – i.e. we’re instead going to engage in the worlds longest running game 
of “whack-a-mole” by just
blocking their last known website/mail server/botnet and the wishing for the 
best…  

Enjoy your Internet! 
/John

Disclaimers:  My views alone - use, reuse, or discard as desired.   
  This message made of 100% recycled electrons. 

> On 22 Jun 2022, at 12:04 AM, b...@theworld.com wrote:
> 
> 
> When I lock the doors etc to my home I'll often mutter "ya know, if
> someone is rattling my door knob I already have a big problem."
> 
> I suppose when I'm home it might give me a warning if I hear it.
> 
> There must be a metaphor in there somewhere.
> 
> I do recall as a teen noticing that one of the closed store's on the
> main drag's door was unlocked late one night walking home (this was in
> NYC.)
> 
> I saw a cop and told him and he scolded me angrily for rattling door
> knobs, I could be arrested for that! But verified it, looked around
> inside with his flashlight, and called it in.
> 
> I forget how I noticed but I wasn't in the habit of rattling stores'
> door knobs, I think the door was just a bit ajar.
> 
> There must be a metaphor in there somewhere.
> 
> On June 21, 2022 at 10:01 mpal...@hezmatt.org (Matt Palmer) wrote:
>> On Mon, Jun 20, 2022 at 02:18:30AM +, Mel Beckman wrote:
>>> When researchers, or whoever, claim their scanning an altruistic service,
>>> I ask them if they would mind someone coming to their home and trying to
>>> open all the doors and windows every night.
>> 
>> If there were a few hundred people with nefarious intent trying to open your
>> doors and windows every night, someone doing the same thing with altruistic
>> intent might not be such a bad thing.
>> 
>> - Matt
> 
> -- 
>-Barry Shein
> 
> Software Tool & Die| b...@theworld.com | 
> http://www.TheWorld.com
> Purveyors to the Trade | Voice: +1 617-STD-WRLD   | 800-THE-WRLD
> The World: Since 1989  | A Public Information Utility | *oo*