Security Incidents mailing list archives
Re: RPAT - Realtime Proxy Abuse Triangulation
From: "Jay D. Dyson" <jdyson () treachery net>
Date: Fri, 27 Dec 2002 22:51:09 -0800 (PST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 27 Dec 2002, Stephen P. Berry wrote:
Funny that everyone seems to be hung up on the question of whether or not reciprocal scans are -legal-. Howzabout this one: Even if scanning spam relays is -legal-, is it ethical?
Such a practice strikes me as teleologically ethical[1]. A system is being abused and we recipient systems are paying the canonical price for it. And since we bear the cost of someone else's irresponsibility, we have both the right and the responsibility to pick up the slack created by the other party so that other systems do not receive the same net.abuse ours have. The only thing that would color such a practice as even remotely unethical would be later utilization of such findings for the purpose of further spamming or other nefarious conduct. As a rule, when my systems are spammed via an open relay, I do indeed perform open relay tests on the offending system to confirm that the relayed spam is genuine or trivially spoofed[2]. With those findings, I file my reports with the cognizant admins and/or upstream providers so that an end may be put to that nonsense. - -Jay 1. I don't subscribe to deontological ethics. Even when I was a lad I never regarded "because I said so" as a valid rationale for anything. 2. Old Sun Microsystems SMI 8.6 MTAs will accept any HELO statement and not log the IP, which caused all manner of spammer mischief. ( ( _______ )) )) .-"There's always time for a good cup of coffee."-. >====<--. C|~~|C|~~| (>------ Jay D. Dyson - jdyson () treachery net ------<) | = |-' `--' `--' `How about a 10-day waiting period on YOUR rights?' `------' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (TreacherOS) Comment: See http://www.treachery.net/~jdyson/ for current keys. iD8DBQE+DUniTqL/+mXtpucRApOlAKDFuMLEvKwX11Toknd0hSFxImXJ/gCeOl1a Kmj84nr7KbWgxmjafsVZDm0= =Y1yR -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: RPAT - Realtime Proxy Abuse Triangulation, (continued)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kurt Seifried (Dec 24)
- Re: RPAT - Realtime Proxy Abuse Triangulation Mathias Wegner (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kevin Reardon (Dec 27)
- RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Mathias Wegner (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kurt Seifried (Dec 24)
- Re: RPAT - Realtime Proxy Abuse Triangulation Gary Flynn (Dec 30)
- RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Syzop (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)
- Virus? Trojan? David Gillett (Dec 30)
- Re: Virus? Trojan? Peter Kruse (Dec 30)