In a place of business, there is a front door, and there is often a private
back door.  The front door is to be used by the public so they can come in
and look around.  They can rattle the doorknob to their hearts' content.

The private door, however, isn't intended for public use.  It's still
accessible from the street, but just because it accesses the street doesn't
mean it's intended for just anyone to use--nor is it intended for people to
even come rattle the doorknob to see if it's open.  Someone may come to open
the door by mistake because he doesn't realize the door isn't for public
use, but most people have enough sense about them to recognize which door
they are meant to use.

In this analogy, the front door is the Web site that is open to the
public--and this is the only part of the system that's open to the public.
The private door, however, is ftp, telnet, etc., which aren't meant for
public use.  (I know some sites grant public ftp and telnet--that's not my
point.  Stick to the analogy!)  The private door accesses files and tools
that were never meant to be used or even seen by the public.  Just having a
door doesn't give people permission to try to open it.

Because the store owner has a public business, he certainly intends for
customers to come in the front door.  However, if someone sneaks in the back
door, or if someone even is lurking around the back door, he would call the
authorities if he's prudent.  The back door was never intended for public
use.

Just because a guy has a front door in the Internet doesn't mean he is
opening his whole "store" up for the public to come in any door and do as
they please in his office in the back.  Customers are meant to be able to
rummage around the front part of the store--not the office in the back.

Whether the intruder would be punished or not would depend on local laws.



> -----Original Message-----
> From: Derek Martin [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, July 23, 1999 1:08 PM
> To:   William Joynt
> Cc:   Bill Joynt; Dave Gillett; Firewall list; Paul L. Lussier
> Subject:      RE: trial & charges
> 
> On Fri, 23 Jul 1999, William Joynt wrote:
> 
> > 
> > Ahh, now I see. So if I have a store, and I have a door behind the counter,
> > I shouldn't object if a customer jumps the counter and tries to go in the
> > door? After all, I put the door there, obviously I meant it to be used.
> 
> Ah, I see said the blind man, when clearly he didn't.
> 
> The door in the analogy was the FRONT door, not the inside doors, which
> corresponds precisely to a port on a server, which, let's not forget, is
> directly connected to the PUBLIC internet.  Each port is like a little
> front door into your store.
> 
> Cars, on the other hand, are not intended to be used by the PUBLIC.  They
> are not businesses which are open to the PUBLIC.  They are PRIVATE
> property.
> 
> > The idea that every service and every server on the Internet serves as
> > implicit permission for any public use is ludicrous. Might as well say if
> > you park your car on the street, you implicitly give the public permission to
> > try your doors, and if you leave them unlocked, permission to rummage around
> > in your car.
> 
> Your statement is absurd.  The ENTIRE PURPOSE of putting a server on the
> internet is so that the PUBLIC, or at least some subset of it, can connect
> to it.  If you don't want the PUBLIC connecting to it, don't put it on the
> PUBLIC internet.
> 
> Period.
> 
> 
> Derek D. Martin           |  UNIX System Administrator
> [EMAIL PROTECTED] |  [EMAIL PROTECTED]
> 
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]