North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: spam colusion

  • From: Alex P. Rudnev
  • Date: Mon Jan 10 00:30:21 2000

Hmm, what does mean _PROBE? If my Unix open TCP connection with You windows, it
does not mean I probe YOUR property; this deal concern this twoi OS only... I do
not think anyone except may be Americal lawers (ORBS are out of their scope) can
accuse them; they only run some anty-relkaying system, not more...

It looks like Y2K problem. Don't be too paranoyed about them; block them if
they bother you, and forget this problem. Even if some lawers can open the
suite, it's 100% useless.

On Sat, 8 Jan 2000, Dean Anderson wrote:

> Date: Sat, 08 Jan 2000 17:30:15 -0500
> From: Dean Anderson <[email protected]>
> To: Owen DeLong <[email protected]>, [email protected],
     [email protected]
> Cc: [email protected]
> Subject: Re: spam colusion
> Around 08:14 AM 1/8/2000 -0800, rumor has it that Owen DeLong said:
> >
> >
> >However, I must question whether the activity Dean discusses is actually
> >criminal.  He does not accuse them of carrying out the attacks, he
> >accuses them of transporting information published by a third party
> >which notifies the world that his site is vulnerable to these attacks.
> Umm, for the record, I do make such an accusation. When they probe a
> non-public government computer, they are violating 18 USC 1030 Sections
> 2(b), 2(c), and 3.  Those are criminal violations.  You simply may not
> probe government computers. Doing so is immediately a crime.  The $5000
> limit is only for non-government computers.
> Then they do other things, some of which are criminal (fraud is criminal),
> and some of which may not be.
> >Since Dean has published information to NANOG and other public forums
> >stating that:
> >	1.	His sites _ARE_ vulnerable.
> My customer shell servers' telnet sessions are vulnerable to password
> theft, and password guessing. So are yours. So what?
> >	2.	He has no willingness to fix these vulnerabilities.
> There isn't anyway to fix them.  There may be a protocol extension in the
> future, but its not here yet.  I've been through this with 50 people in the
> last 6 months.  That doesn't permit others to exploit them.
> >	3.	He intends to make the internet at large responsible
> >		for his negligence WRT these sites.
> We have no negligence. And we do not hold the internet at large
> responsible. Just those that exploit protocol vulnerabilites, and those who
> assist with the exploitation.  If your customer commits crimes, and you
> don't do anything about it after complaints are made, I expect that you
> bear responsibility and liability.
> >I seriously doubt that publishing a list of known public-nuissances
> >is genuinely illegal.  Further, unless Dean has presented netgate
> >with a court-order showing that the court has indeed found said
> >activity to be illegal, I think they would be negligent in turning
> >off said service.
> So publishing a list of sites which have vulnerabilities detected by SATAN
> scans wouldn't be illegal?  Thats what you are saying.
> As far as court orders go, the point of this discussion is to make sure we
> have exhausted all non-litiguous options.
> >How would you like it if your ISP shut you down because I
> >complained to them that you were sending out messages that
> >contained information that was publicly available, but which
> >I didn't want published?  That's what Dean's really saying.
> No, its not what I'm saying.  Would you object if I published a list of
> your servers which could be broken into, and said that it was OK with you
> to break into those systems?  I think you would.  
> But if you wouldn't mind, I'll be happy to have your permission to scan
> your net with SATAN and publish a web page for the script kiddies.  What
> was that? You don't give me permission?  I didn't think so.
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>            Plain Aviation, Inc                  [email protected]
>            LAN/WAN/UNIX/NT/TCPIP
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Aleksei Roudnev,
(+1 415) 585-3489 /San Francisco CA/