On Fri, 10 Aug 2001, Etaoin Shrdlu wrote ( sanitized by z@s0be.net ):
> I think an interesting solution to this problem, no matter how
> unethical would be to write a program that leverages the vulnerability to
> patch the infected machine. In fact, it surprises me that this hasn't
> been done.It's illegal. Really. What's the difference between someone breaking into
my machine and destroying stuff, and someone breaking into, say,
x.x.x.x., and "fixing" it? None. It's illegal. And yes, I HATE the
machine that is on the other end of that IP. It is apparently installed
with either mandarin or cantonese, which means that it bothers me a LOT
when it bothers me.It's a poorly configured win2k machine, with no proper reverse entry
(although I know it belongs to OWNER_OF_x.x.x.x). Looking isn't
illegal. I've even connected to his smtp server (but not bothered to send
mail, since vrfy doesn't really guarantee that someone is there, and I have
no evidence that he'd read email sent to administrator in any case). Sad,
really.It's still illegal. Yes, it'd probably be a kindness. It's still illegal.
<--( SNIP )-->
Helu,
I'm in agreement that it is illegal as well, however it does
raise an interesting issue: Under what terms, if any, should various
parties whose infrastructure is under some form of attack be able to
defend themselves and what is the extent of that defense for a given
situation?
I think that due dilligence should be carried out in any situation, to
give someone the chance to stop ( in most situations ), but where do you
draw the line?
NOTE: I'm not exactly condoning counterattacks, but I think in certain
situations I could definitely justify it in my mind if someone were to
take that course of action after exhausting their options for resolving a
situation in which they are under some form of attack.
.z