Date: Wed, 4 Apr 2001 16:28:44 -0400 From: "Drew J. Weaver" <drew.weaver@thenap.com> To: "'FreeBSD-ISP@FreeBSD.org'" <FreeBSD-ISP@FreeBSD.org> Subject: RE: Chasing the kiddies (was: Named Keep crashing) Message-ID: <B1A7D9973EBED3119ADD009027DC8649180F88@mailman.thenap.com>
next in thread | raw e-mail | index | archive | help
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C0BD45.D8D3E0B2 Content-Type: text/plain; charset="iso-8859-1" And people that say that port scanning is harmless, port scanning is just a precursor to being 'rooted' its not going to be the last thing you hear from a script kiddie, its not like someone port scans your box[if insecure] and then just leaves, (i guess then it would be harmless) then they try to hack into it (naturally). -Drew -----Original Message----- From: Scott Lambert [mailto:lambert@cswnet.com] Sent: Wednesday, April 04, 2001 3:56 PM To: FreeBSD-ISP@FreeBSD.org Subject: Re: Chasing the kiddies (was: Named Keep crashing) On Wed, Apr 04, 2001 at 01:16:19PM -0600, Forrest W. Christian wrote: > Date: Wed, 4 Apr 2001 13:16:19 -0600 (MDT) > From: "Forrest W. Christian" <forrestc@imach.com> > To: Kal Torak <kaltorak@quake.com.au> > Cc: Enno Davids <enno.davids@metva.com.au>, freebsd-isp@FreeBSD.ORG > Subject: Re: Chasing the kiddies (was: Named Keep crashing) > > On Wed, 4 Apr 2001, Kal Torak wrote: > > > Why should network scanning be a crime at all? If anything should be a crime > > its sloppy admins that let there networks get comprimised... > > But when after you scan, you break in and destroy data, THAT should be the > crime I'm talking about. > > What you don't realize is that a lot of these attacks are now automated > rootkits which basically scan for the hole and if they find it, ROOT YOUR > MACHINE. > > This is wrong. These people who don't think scanning is a problem bother me. I don't have time to hunt down all the scanning kiddies, but I don't like them. I do hunt down the ones I get complaints on. Scanning a network is just like "casing" a neighborhood in my book. The police will stop you and check your background and want to know if you have any business in the area if someone reports you to them. The police call it suspicious behaviour which gives them probable cause to stop the bad guy. They get what information they can from him and if he is not (yet) wanted they let him go. But they watch him. They remember he was in the area and if any complaints do come in they go grab him first. I do the same thing with my scanning kiddies. My kiddies who go scanning my network or other people's networks get a phone call. I talk to their parents and tell them their kids are on the wrong road and could wind up in jail if they ever open one of those doors. Hopefully the parents can straighten the kids out. I hope the kids tell the other kids that they got busted. It lets them know they can get in trouble for it and will hopefully discourage them. I just wish I could go visit them physically so I could make certain they were scared before I let them go. Entering a computer system is breaking and entering. Send them to jail. It doesn't matter if they immediately left without doing anything. If anyone enters my home through a window I have left open for ventilation at night, they could very possibly be shot or bludgeoned about the head and shoulders by a baseball bat or whatever other blunt or sharp object I find first. They will most likely end up in jail. It makes no difference that the window was open. You just don't cross those lines. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message ------_=_NextPart_001_01C0BD45.D8D3E0B2 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Diso-8859-1"> <META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version = 5.5.2650.12"> <TITLE>RE: Chasing the kiddies (was: Named Keep crashing)</TITLE> </HEAD> <BODY> <P><FONT SIZE=3D2>And people that say that port scanning is harmless, = port scanning is just a precursor to being 'rooted' its not going to be = the last thing you hear from a script kiddie, its not like someone port = scans your box[if insecure] and then just leaves, (i guess then it = would be harmless) then they try to hack into it (naturally). = </FONT></P> <P><FONT SIZE=3D2>-Drew</FONT> </P> <BR> <P><FONT SIZE=3D2>-----Original Message-----</FONT> <BR><FONT SIZE=3D2>From: Scott Lambert [<A = HREF=3D"mailto:lambert@cswnet.com">mailto:lambert@cswnet.com</A>]</FONT>= <BR><FONT SIZE=3D2>Sent: Wednesday, April 04, 2001 3:56 PM</FONT> <BR><FONT SIZE=3D2>To: FreeBSD-ISP@FreeBSD.org</FONT> <BR><FONT SIZE=3D2>Subject: Re: Chasing the kiddies (was: Named Keep = crashing)</FONT> </P> <BR> <P><FONT SIZE=3D2>On Wed, Apr 04, 2001 at 01:16:19PM -0600, Forrest W. = Christian wrote:</FONT> <BR><FONT SIZE=3D2>> Date: Wed, 4 Apr 2001 13:16:19 -0600 = (MDT)</FONT> <BR><FONT SIZE=3D2>> From: "Forrest W. Christian" = <forrestc@imach.com></FONT> <BR><FONT SIZE=3D2>> To: Kal Torak = <kaltorak@quake.com.au></FONT> <BR><FONT SIZE=3D2>> Cc: Enno Davids = <enno.davids@metva.com.au>, freebsd-isp@FreeBSD.ORG</FONT> <BR><FONT SIZE=3D2>> Subject: Re: Chasing the kiddies (was: Named = Keep crashing)</FONT> <BR><FONT SIZE=3D2>> </FONT> <BR><FONT SIZE=3D2>> On Wed, 4 Apr 2001, Kal Torak wrote:</FONT> <BR><FONT SIZE=3D2>> </FONT> <BR><FONT SIZE=3D2>> > Why should network scanning be a crime at = all? If anything should be a crime</FONT> <BR><FONT SIZE=3D2>> > its sloppy admins that let there networks = get comprimised...</FONT> <BR><FONT SIZE=3D2>> </FONT> <BR><FONT SIZE=3D2>> But when after you scan, you break in and = destroy data, THAT should be the</FONT> <BR><FONT SIZE=3D2>> crime I'm talking about.</FONT> <BR><FONT SIZE=3D2>> </FONT> <BR><FONT SIZE=3D2>> What you don't realize is that a lot of these = attacks are now automated</FONT> <BR><FONT SIZE=3D2>> rootkits which basically scan for the hole and = if they find it, ROOT YOUR</FONT> <BR><FONT SIZE=3D2>> MACHINE.</FONT> <BR><FONT SIZE=3D2>> </FONT> <BR><FONT SIZE=3D2>> This is wrong.</FONT> </P> <P><FONT SIZE=3D2>These people who don't think scanning is a problem = bother me. I don't have</FONT> <BR><FONT SIZE=3D2>time to hunt down all the scanning kiddies, but I = don't like them. I do </FONT> <BR><FONT SIZE=3D2>hunt down the ones I get complaints on. = </FONT> </P> <P><FONT SIZE=3D2>Scanning a network is just like "casing" a = neighborhood in my book. The </FONT> <BR><FONT SIZE=3D2>police will stop you and check your background and = want to know if you </FONT> <BR><FONT SIZE=3D2>have any business in the area if someone reports you = to them. The police</FONT> <BR><FONT SIZE=3D2>call it suspicious behaviour which gives them = probable cause to stop the </FONT> <BR><FONT SIZE=3D2>bad guy. They get what information they can = from him and if he is not</FONT> <BR><FONT SIZE=3D2>(yet) wanted they let him go. But they watch = him. They remember he was</FONT> <BR><FONT SIZE=3D2>in the area and if any complaints do come in they go = grab him first.</FONT> </P> <P><FONT SIZE=3D2>I do the same thing with my scanning kiddies. = My kiddies who go scanning </FONT> <BR><FONT SIZE=3D2>my network or other people's networks get a phone = call. I talk to their </FONT> <BR><FONT SIZE=3D2>parents and tell them their kids are on the wrong = road and could wind up </FONT> <BR><FONT SIZE=3D2>in jail if they ever open one of those doors. = Hopefully the parents can </FONT> <BR><FONT SIZE=3D2>straighten the kids out. I hope the kids tell = the other kids that they </FONT> <BR><FONT SIZE=3D2>got busted. It lets them know they can get in = trouble for it and will </FONT> <BR><FONT SIZE=3D2>hopefully discourage them.</FONT> </P> <P><FONT SIZE=3D2>I just wish I could go visit them physically so I = could make certain they </FONT> <BR><FONT SIZE=3D2>were scared before I let them go.</FONT> </P> <P><FONT SIZE=3D2>Entering a computer system is breaking and = entering. Send them to jail. </FONT> <BR><FONT SIZE=3D2>It doesn't matter if they immediately left without = doing anything. If anyone</FONT> <BR><FONT SIZE=3D2>enters my home through a window I have left open for = ventilation at night,</FONT> <BR><FONT SIZE=3D2>they could very possibly be shot or bludgeoned about = the head and shoulders</FONT> <BR><FONT SIZE=3D2>by a baseball bat or whatever other blunt or sharp = object I find first. </FONT> <BR><FONT SIZE=3D2>They will most likely end up in jail. It makes = no difference that the </FONT> <BR><FONT SIZE=3D2>window was open. You just don't cross those = lines.</FONT> </P> <P><FONT SIZE=3D2>To Unsubscribe: send mail to = majordomo@FreeBSD.org</FONT> <BR><FONT SIZE=3D2>with "unsubscribe freebsd-isp" in the body = of the message</FONT> </P> </BODY> </HTML> ------_=_NextPart_001_01C0BD45.D8D3E0B2-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B1A7D9973EBED3119ADD009027DC8649180F88>