Security Incidents mailing list archives
RE: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation
From: "Christopher X. Candreva" <chris () westnet com>
Date: Thu, 2 Jan 2003 13:10:16 -0500 (EST)
On Tue, 31 Dec 2002, Rob Shein wrote:
> yes or no to the entire facility/area. And so it is with networks. Allowing SNMP access through your firewall is no different than screwing up and forgetting to lock the back/side doors...it's a bad idea, it's asking for trouble, it's certain to get noticed/abused sooner or later...but it doesn't make it ok for people to take advantage of it.
To extend your analogy... it would not be uncommon, if someone saw the back door of a building wide open that usually wasn't, for them to stick their head in the door and yell "Hello!?! Anyone here? I think you left your door open!"

A common problem in cities is apartment buildings where access to the roof is left open. Aside from people hurting themselves, they can throw things and hurt people down below. One could certainly make an argument, if you are having things thrown at you from a neighboring roof, that you are justified in entering the premises to lock the roof door!

As you said, intent has everything to do with it. If people are leaving their machines wide open and you are being attacked from them, you could certainly argue that the equivalent of sticking your head in to see what is going on is justified -- especially with the lack of any police to call about noisy neighbors!

-Chris

==========================================================
Chris Candreva -- chris () westnet com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/