Re: Script Kiddie issues
From: Wiggins D'Anconia (wiggins_at_danconia.org)
Date: 02/07/04
- Next message: Bill Akins: "RE: Script Kiddie issues"
- Previous message: Jan Eden: "Re: Method invocation arrow (LPORM)"
- In reply to: Lone Wolf: "RE: Script Kiddie issues"
- Next in thread: Daniel Staal: "[OT] Re: Script Kiddie issues"
- Reply: Daniel Staal: "[OT] Re: Script Kiddie issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 07 Feb 2004 12:37:48 -0500 To: Lone Wolf <LoneWolf@nc.rr.com>
Lone Wolf wrote:
> Nah, because the only ones who receive the file are those attempting to
> do harm to my system. Granted I could make it go to a warning page,
> which after a few seconds dumps them to the other page, thereby giving
> them a warning before I fire the shot, just like a trespasser in my
> house. Do I shoot first when they are in MY house in the middle of the
> night, or do I give them enough time to shoot me? They are trespassing
> on my system. Normal use of the system does NOT require access to
> cmd.exe or other files they are looking for to use to exploit the
> system. Normal use laws apply, and you CAN and folks DO take steps to
> secure their system from others.
>
Securing your system from someone is different than firing back. And
your house analogy is really dumb, it has predefined borders that are
very distinct. Your webserver is open and you are inviting someone to
look at anything on it, for the same reason that you can't shoot me for
walking on the sidewalk in front of your house (assuming you lived where
such things exist).... If you want to use the analogy shutdown port 80,
then if someone tries to enter though port 80 then fire back. You are
actually causing more problem for those of us that have to deal with the
problems, by only helping yourself. What is to stop a spammer or script
kiddie finding out about your ruse, possibly even listening in on the
conversation, and rather than trying to hack your system starts sending
out mass emails to people with a URL in it that directs them to your
system and that URL, all of a sudden your victims become his victims and
he has used you in a scheme to haunt the very users you wished to defend.
> Legally I checked with lawyers and the ones in my area say as long as I
> keep a log of the accesses I am fine. I took this step after sending
> over 200 messages to ISPs to halt their users and receiving no response
> to any of the inquiries even though I provided the ISPs with log files
> and everything. I did the same with ISPs with spammers and open relays.
> Multiple emails to their main offices and local branches with the
> spammers email addresses, full headers, and no word back. If the ISP
> was not even willing to answer multiple emails they were sent another
> email with how to contact me directly and then their entire domain was
> added to the server kill file. Cut down on the spam in MY inbox.
>
>
Lawyers... right, I am sure they will be happy to take your money while
they attempt to defend you in a court where a judge is going to tell
them they are as dumb as your stunt for trying to defend you...
Like I said, script kiddies aren't worth the time.......
- Next message: Bill Akins: "RE: Script Kiddie issues"
- Previous message: Jan Eden: "Re: Method invocation arrow (LPORM)"
- In reply to: Lone Wolf: "RE: Script Kiddie issues"
- Next in thread: Daniel Staal: "[OT] Re: Script Kiddie issues"
- Reply: Daniel Staal: "[OT] Re: Script Kiddie issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
