[Dshield] Port 135

KeithTarrant@spamcop.net KeithTarrant at spamcop.net
Sat Oct 19 00:37:09 GMT 2002


> Do understand this correctly? Say my web server is compromised through
port
> 80 by (we'll say) an undocumented vulnerability and it causes me more
than
> $5000 in actual losses. What you're saying is that even if I can lead
them
> to the cracker, I'm SOL because I didn't have a banner saying you can't
hack
> my system?

Do they compromise your system using services you make openly accessible?

Or do they crack or steal passwords?  Do they use obscure routes and bugs
to bypass your security?

It is like putting a fence and gate or no tresspassing signs on your plant
facility.

No fence and gate, or no signs -- no tresspassing charges -- visitors
welcome.  (And with juvenilles, signs may not be adequate if your facility
is an "attractive nuisance".)

But if they have to break in, if they have to look for gaps under the
fence, then it is generally an offense.

If law enforcement decides to get involved in going after computer users,
I think we can assume they will start with the damaging malicious users,
rather than the benevolent ones.

Law enforcements is not exactly busting a gut going after sites that
openly distribute Sub 7 or other hacking tools and methods to anyone who
comes along, ally, terrorist, foreign agent, or bored school boy.  I've
seen posts quoting FBI agents saying the real minimum limit for damages of
what they will investigate is $200,000 (I think that was Steve Gibson, and
like him or not, he does have an in there).

In my opinion, computers open for use in DoS attacks, are a risk to
national security.  Anyone looking for excuses to delay the securing of
such computers is not working in the interests of national security no
matter how good or bad their logic.





More information about the list mailing list