Security Incidents mailing list archives
Re: RPAT - Realtime Proxy Abuse Triangulation
From: Gary Flynn <flynngn () jmu edu>
Date: Sat, 28 Dec 2002 09:46:55 -0500
Mathias Wegner wrote:
On the other hand, if someone exposes an snmp server to the public network withI would be very nervous about running this, remote SNMP queries of someone elses system (say a .gov or .mil proxy) may be considered illegal activity in some jurisdictions.Depending on the SNMP daemon, it would/should be as illegal as opening an ssh investigating the system from the command line. Most SNMP offers at least some amount of configuration via the read/write community. I know that when I see SNMP queries on network hardware that I manage, I consider it hostile activity.
a default community name, I'd say they're making it as accessible as ananonymous ftp server, Microsoft C$ file share with no Administrator password, Kazaa share of entire hard drive, or telnet server with an account of "root" and no password. I would think it would be hard to prosecute someone in such a case
when the service was made publicly available.Not to say that incompetence is justification for criminal behavior but how is someone poking around the net to know which doors are left intentionally opened and which are stupid mistakes? If I'm driving down the road and see an interesting, unmarked driveway/road and go up it out of curiosity, am I breaking a law? Surely the owners of a service or road that don't want people in there should mark or block it.
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RPAT - Realtime Proxy Abuse Triangulation Stephen Friedl (Dec 20)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kurt Seifried (Dec 24)
- Re: RPAT - Realtime Proxy Abuse Triangulation Mathias Wegner (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kevin Reardon (Dec 27)
- RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Mathias Wegner (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Kurt Seifried (Dec 24)
- Re: RPAT - Realtime Proxy Abuse Triangulation Gary Flynn (Dec 30)
- RE: RPAT - Realtime Proxy Abuse Triangulation Rob Shein (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Syzop (Dec 30)
- <Possible follow-ups>
- Re: RPAT - Realtime Proxy Abuse Triangulation Stephen Friedl (Dec 27)
- Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Jay D. Dyson (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)
- Virus? Trojan? David Gillett (Dec 30)
- Re: Virus? Trojan? Peter Kruse (Dec 30)
- Re: RPAT - Realtime Proxy Abuse Triangulation Greg Barnes (Dec 30)