Firewall Wizards mailing list archives
Re: new topic-professional hacking tecniques
From: "Steven Osman" <sosman () terratron com>
Date: Mon, 8 Nov 1999 08:30:40 -0500
IMHO, Reid's idea is terrible! (no offense). Adding a whois query to people's IP address demolishes privacy. How would you like ot AUTOMATICALLY be placed on every web site's mass mailing list just by visiting their site? In fact, you could be going through the 394,423,548 matches on altavista about what you were looking for, knowing full well that 394,423,543 of them are irrelevant (but you need to find those 5 good ones...). Just think how many spam sources you could get from just one day of research/surfing/whatever. Hit a XXX site... forget about it! Now they "know" or at least "believe" you'd visit their site, they'll NEVER leave you alone. (I've often searched for stuff and somehow ended up in XXX sites... for one thing, do a search on any actor/actress). IRC now becomes no longer anonymous, in fact, nothing else does. Steven Osman Terratron Technologies Inc. ----- Original Message ----- From: Matt Doughty <doughtym () bsjkk co jp> To: REID FOX <reidfox () direct ca> Cc: <firewall-wizards () nfr net> Sent: Friday, November 05, 1999 1:33 AM Subject: Re: new topic-professional hacking tecniques
On Wed, Nov 03, 1999 at 10:29:26AM -0800, REID FOX wrote:However if say ISP's start to use static IP addresses for their client's then perhaps the ISP's could post a directory (a whois) not with any sensitive personal info but maybe just an e-mail and a name. That would
make
users more accountable just as Domains are accountable (or known) on the net. I cant see any honest client having a big problem with that. Like I said before this is no security cure but it is however a step in the
right
direction. eg. Your getting some degree of attack from a certain IP regularly. You trace it back to an ISP look it up in the ISP's whois list e-mail the person "are you aware of ......? If this continues your ISP
will
be notified ...." the next day you get a reply from a parent of some script kid "I use
this
PC for business ..... dont know whats happening" send reply "If you have portscan , crackers. BO Netbus etc on your
system
then someone is using your PC unethically, you should uninstall these applications otherwise your system has been compromised etc etc.." I am sure that an honest person wether they know computers or not would promptly deal with it and if your lucky and the person does know a
little
bit about these things then now the seasoned hacker is unaware that his
mask
is off. The advantage of this is 1: If it's a teen then the parents are informed without getting into
trouble
with their ISP (ISP dont need to be involved) 2: Also the parents do not allow this to continue because they now know
what
certain apps are. (cracker BO Netbus etc) where before they had no idea what their kids were capable of doing with these strange programs. 3: The new ISP when the parents get sucked into thinking that they were wrongfully cut off, does not have to deal with it. 4: One more future hacker on the road to ethics. Now the question is who has to deal with this growing problem? The ISP's or the Parents?You assume a relatively high level of knowledge of the parents.... I mean your basically asking to hold someones hand through a search of their system for these programs. Kids tend to know a lot more about the computers then the parents. besides if you started contacting the people directly then crackers are just going to start filtering the mail first so their parents never get the message. file://Matt
Current thread:
- new topic-professional hacking tecniques REID FOX (Nov 02)
- <Possible follow-ups>
- Re: new topic-professional hacking tecniques Steven M. Bellovin (Nov 04)
- Re: new topic-professional hacking tecniques REID FOX (Nov 04)
- Re: new topic-professional hacking tecniques Matt Doughty (Nov 05)
- Re: new topic-professional hacking tecniques Steven Osman (Nov 08)
- Re: new topic-professional hacking tecniques dreamwvr (Nov 09)
- Re: new topic-professional hacking tecniques R. DuFresne (Nov 10)
- Re: new topic-professional hacking tecniques Johann G. Hautzinger (Nov 10)
- Re: new topic-professional hacking tecniques Matt Doughty (Nov 05)
- Re: new topic-professional hacking tecniques Saravana Ram (Nov 06)