Unless the particular individual has a signed letter on corporate 
stationery from Corporation/Organization X stating Y organization and Z 
individuals have been granted permission to conduct an external and 
internal scan on the following networks.  From N date at O time to N date 
at O time.  This letter should also be signed by the CEO or President of 
the Corporation/Organization X.  If there is no letter, the individuals 
conducting the scan can be arrested and thrown in jail for a very long 
time, and the organization that employs those individuals can be sued for 
any potential or perceived loss of business.  Therefore, as Peter points 
out in the rest of his post, he is quite correct. 

In some cases, erroneous scans can occur by a not-so-knowledgeable 
individual.  But in today's world, most of the commercial/freely 
available scanners leave lots of fingerprints, and it is very easy to 
determine what tool they are using and who originated the scan. But this 
requires some knowledge on analyzing log files, looking for the right type 
of footprints, matching them up to those of the commercial/freely 
available scanners, etc, etc. 

But that is a different discussion altogether, on how to make a network 
scan appear like normal traffic... :)

/cheers

/mark




Peter Capelli <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
02/20/00 04:38 PM

 
        To:     "'Merton Campbell Crockett'" <[EMAIL PROTECTED]>, "'Bill Lavalette noc/sec Administrator'" <[EMAIL PROTECTED]>
        cc:     "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
        Subject:        RE: Someone is scanning me


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Merton Crockett wrote:
>
> On Sat, 19 Feb 2000, Bill Lavalette noc/sec Administrator wrote:
>
> > The Bottom Line is this. YOU HAVE NO BUSINESS SCANNING ANYONE'S
> > MACHINE!!!!!  unless it is requested by the owner/company
>
> Your shouting does not alter the fact that I have a perfect right
> and an obligation to my employers and customers to probe your
> network.
>
> By allowing any packet originating from your network to pass into
> one of the networks under my control, you have authorized me to
> monitor your activity.

        Wow.  I can't wait to see this argument in court.  "Your honor, his
radio transmission crossed my property, so I feel that I have every
right to break into his office and search his desk for any
incriminating evidence.  It's only *fair*!" (Sound of bailiff
dragging Mr. Crockett to jail)

        What do you base this line of reasoning on?  What "right" do you
have to scan his network?  If someone physically breaks into your
building, do you have a "right" to question anyone you *think* may
have done it?  Break into *their* buildings and look for evidence?

> Of course, my probes will be fairly straightforward as I will be
> building the foundation for a criminal investigation and a court
> case.

        I'm sure it would be.  For his lawsuit against you, of course. Did
you stop to think that maybe the source IP address was spoofed?  I
know, I know, that's never been heard of happening, but
*theoretically* it could.


> Merton Campbell Crockett
>

- -pete

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.2
Comment: Pete's public Key at http://home.adelphia.net/~capelli

iQA/AwUBOLCHImt0HGKCkmO2EQJSXQCg88YzmHn0N0MficJRZ6Q1xfn2QugAn0o7
/7RbxzlzY2NCfzLldr09Kx/0
=WOX+
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

