No desire receive messages !!!
Thank you ,
[EMAIL PROTECTED]
----------
De: Michael F. Dick[SMTP:[EMAIL PROTECTED]]
Responder: [EMAIL PROTECTED]
Enviada: Terca-feira, 27 de Julho de 1999 19:04
Para: [EMAIL PROTECTED]
Assunto: RE: trial & charges
Well, I scan my firewalls all the time through my personal internet access.
The difference here is, that I don't complain to my ISP when I see my
dropped packets. If somebody else scans my firewalls, then you can bet that
their ISP gets a e-mail with the relevant logs (what they do or don't do to
prevent those scans in the future depends upon the use policy of that
particular ISP).
Well, I don't know what an lawyer would be able to do, if you (despites the
fact that you scanned your own firewalls) violated the ISP's policy.
Just my opinion
On Tuesday, July 27, 1999 2:21 PM, Randall, Mark
[SMTP:[EMAIL PROTECTED]] wrote:
> You shouldn't have to worry about your ISP. I'm constantly running nmap
or
> some other network scan and my ISP doesn't say anything. Sometimes I run
> them from within my corporate network. Sometimes I run them from my
> personal dial-up account with a local ISP.
>
> You are quite correct that you are within your rights to scan your
firewall
> from another location. If an ISP cancelled an account of mine based on
> that, you can bet they'd get a quick letter from my lawyers.
>
> I really can't BELIEVE this thread.
>
>
> -----Original Message-----
> From: Derek Martin [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 23, 1999 12:46 PM
> To: Thompson, Dave
> Cc: William Joynt; Bill Joynt; Dave Gillett; Firewall list; Paul L.
> Lussier
> Subject: RE: trial & charges
>
>
>
> Dave,
>
> You make some decent points which I'd like to address but first, before
> I forget again, I'd like to give another legitimate reason to do a port
> scan.
>
> I recently set up a new firewall box here at work, which I'd like to
> test before we put it in place; specifically I'd like to run SATAN and a
> few other tools on it from my box at home, in order to test the security
> of the thing.
>
> I am however very reluctant because I'm concerned that, because of this
> legal quagmire that we've created for ourselves, my ISP will see the
> traffic and kill my account for "hacking" as it were.
>
> Obviously, I'm well within my right, but I forsee a great deal of
> trouble from my ISP in getting my account back. Call me paranoid, but all
> good security admins are! ;-)
>
>
> On Fri, 23 Jul 1999, Thompson, Dave wrote:
>
> > In a place of business, there is a front door, and there is often a
> private
> > back door. The front door is to be used by the public so they can come
in
> > and look around. They can rattle the doorknob to their hearts'
content.
> >
> > The private door, however, isn't intended for public use. It's still
> > accessible from the street, but just because it accesses the street
> doesn't
> > mean it's intended for just anyone to use--nor is it intended for
people
> to
> > even come rattle the doorknob to see if it's open. Someone may come to
> open
> > the door by mistake because he doesn't realize the door isn't for
public
> > use, but most people have enough sense about them to recognize which
door
> > they are meant to use.
> >
> > In this analogy, the front door is the Web site that is open to the
> > public--and this is the only part of the system that's open to the
public.
>
> This is the best argument I've seen to refute my point so far, and I had
> already thought of it. Here's why I don't agree:
>
> > The private door, however, is ftp, telnet, etc., which aren't meant for
> > public use. (I know some sites grant public ftp and telnet--that's not
my
> > point. Stick to the analogy!)
>
> This is where you must divorce the reality from the original analogy.
> There IS a difference, and it is that on the internet, none of the
"doors"
> are clearly marked. Many services are public on some servers and private
> on others. You can't simply say that FTP and Telnet are always private,
> cuz they ain't! :)
>
> The way TCP and UDP work forces you to find out for yourself which are
> public and which are private. If you get an answer that says essentially
> "go away" (i.e. by connection refused or other ICMP message, or a
specific
> message sent back over the connection by the admin), then it's a private
> door. Inasmuch as we can extend the analogy, this is the equivalent to a
> "KEEP OUT" sign on your private doors. But with TCP and UDP, you don't
> know until you try. A port scan is then the equivalent of looking at the
> door to see if there's a keep out sign on it.
>
>
> > The private door accesses files and tools
> > that were never meant to be used or even seen by the public. Just
having
> a
> > door doesn't give people permission to try to open it.
>
> How do you know that? Maybe they are running a gopher server that's open
> to the public, and you just didn't see it. Maybe they're running an IRC
> server that you didn't see advertised anywhere... Replace Gopher and IRC
> with about a zillion other protocols that could potentially be running
and
> open to the public.
>
>
> > Whether the intruder would be punished or not would depend on local
laws.
>
> Right. In most cases, I think the local laws would not punish someone
for
> a simple port scan, and IMO rightly so. I'm personally against making it
> illegal to do anything that doesn't and/or can't have any real direct
> negative impact on anyone other than the person who does it (yet another
> completely different argument). Port scans are harmless, do not
> constitute a REAL intrusion (though arguments can be made that you're
> tying up bandwidth and CPU etc, the amounts are so miniscule for a single
> full port scan it isn't worth worrying about) and should not be
> legislated.
>
>
>
>
> --
> Derek D. Martin | UNIX System Administrator
> [EMAIL PROTECTED] | [EMAIL PROTECTED]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
