[unisog] When is traffic 'abuse'?

Gary Flynn flynngn at jmu.edu
Fri Jul 27 16:44:19 GMT 2001


"Harris, Michael C." wrote:
> 
> A host sent a message to our abuse line including FTP logs that we were
> intruding upon his host.  In reading the logs he sent, it seems it was an
> anonymous ftp site, and he was complaining because one of our users tried to
> write a file to pub incoming.

1. We had someone complain because someone was posting off-topic messages 
   to an unauthenticated, non-access controlled web based discussion group.

2. We had another complaint from a site that pays for web hits after
   someone scripted the process.

3. Inappropriate use of an email mailbox normally open to the public
   is referred to as SPAM.

Except for gross denial of service attacks, SPAM, and system compromises, 
I don't think there are any broadly accepted terms of use for network 
connected services. Or at least none I'm aware of. Publishers are at 
the mercy of the appropriate use policies and enforcement procedures 
of the ISP or country of origin.

If a person proclaims on a network accessible web server that it
is only for a select group of users without including any access
controls to enforce it, are there any legal grounds to pursue
complaints? (Related question 1: How does this change if access 
controls are implemented but: (a) not suitable for the task 
(b) poorly implemented or (c) buggy?) We start getting into
intent issues.

Can the publisher of a web site put up an enforceable terms of use
statement that says automated tools may not be used to access it?
Or that the files available for download on the site are only to
be accessed from the site's navigation features and not directly
to the URLs? Or via links to those URLs from other sites?

Can I connect a computer to a network and say that I don't want it
to be subject to non-ARP broadcast traffic, netbios name requests,
ident(auth) requests, or pings? What about server locators for
audio file servers, JetDirect printer SNMP requests, or PCAnywhere
broadcasts? Network discovery tools? Many types of packets will go 
up the stack of an individual's computer. What packets constitute 
harassment? What intentions are allowed? Solicitation? Discovery?
Curiosity?

Is freedom to send packets protected under the first amendment? :)

As to the original complaint of a periodic ping there are no
policies to address this and it is a policy issue. Maybe it's like
a motion detector in your yard going off because somebody
occasionally purposely or carelessly steps into the grass.
Or maybe it's like someone you don't know or like walking by
occasionally and sticking out their tongue. How hard is the 
recipient willing to pursue the case? What's it worth?

The network, to a large degree, mirrors society.

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/info-security/engineering/runsafe.shtml


