To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ----------
William Atchison wrote:
Surprisingly, many aren't aware of those laws.I've actually had them more widely applied to automated plagiarism (scraping) to use against someone instead of applying copyright as I'd rather see 'em off tojail instead of paying a small lawyers fee, but I'm vindictive.
Being vindictive in life would get me nowhere (just an opinion).
Anyway, your premise may hold as long as you don't set foot on US soil because people deemed violating US laws, even though they've done so while 100% onforeign soil, have been picked up by the feds when they visit the US.
The premise would hold true in any court of law IN the US. If you break it down
to a logical-easy-to-understand method of what occurred, some of these lawsare in fact their own worst enemies. So in the case of me living here, connecting
to an IRC server and traversing back here, logically I connected to a server in Japan. From Japan there is a connection between me and Japan. If thatJapanese server is linked somehow to an American server (*note this next comment*)
IN THE CASE OF IRC... Remember, my machine is seeing things from my Japanese connection irrespective of the ongoings on the American infected server. At NO GIVEN POINT did my machine connect to an infected/botnet host. The Japanese server I am on however mirrored its traffic to me. A good lawyer and a strong technologically competent yet word savvy expert could have any charges thrown out.
The best way to steer clear of such unclear legal standing is to simply keep out of places that might cause problems, IMO, so I sit on the outside of the botnetExactly you'd want to steer clear of them but here is your dilemna right now...and log hits against my server and fire off AUP notices. Lame, maybe, but effective and on stronger legal standing.
As a network operator I have my AUP policies in place. Someone broke it and say I'm doing a CALEA like tap and notice other anomalies attributed to say a botnet. As the network owner, I have every right to KILL that server since it falls under my umbrella. I have ZERO RIGHT to overstep my bounds and log into that machine since isn't my own. I have every right to sniff my traffic as determined by my AUP for the sake of security mitigation, etc. So lets use this same scenario here where I monitored traffic from a suspected botnet using a Netscout or something... I then re-created the ENTIRE happenings... Theoretically I've accomplished the same as I would joining infected server. Without breaking any laws so its a dual edged sword. I have some pretty cool technical savvy lawyer friends I will shoot off an email to about these scenarios... Will forward what I find from someone WHO IS A LAWYER. Instead of speculating. -- ==================================================== J. Oquendo http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743echo infiltrated.net|sed 's/^/sil@/g'
"Wise men talk because they have something to say; fools, because they have to say something." -- Plato
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
