> -----Original Message-----
> From: William T Wilson [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 07, 2001 2:01 PM
> To: Nathan E Norman
> Cc: debian-user@lists.debian.org
> Subject: Re: FW: Careful. This is for information only.
>
> On Mon, 6 Aug 2001, Nathan E Norman wrote:
>
> > I have to agree with John ... using a security hole in someone else's
> > server for good or evil is probably not a good idea legally. I'd
> > advise against it.
>
> In states with "Good Samaritan" laws you are likely to be shielded from
> liability as long as any action you take is clearly intended as help.
>
> Considering the fact that tens of thousands of malicious security attacks
> per year go unprosecuted, I doubt that anything non-malicious would be a
> big risk. Unless you have deep pockets.
>
> That said, it's traditional to send the admin a message using the root
> account when a hole is found, but it isn't at all necessary. Just send
> the relevant excerpt from your log that shows they are attacking you to
> several good guesses at the relevant account ([EMAIL PROTECTED], [EMAIL PROTECTED],
> etc.) and leave it at that.
>
It's a pity those people are so lame and irresponsible that they are not doing anything about it. I actually began looking at the web pages, and emailing the web admin or contact point, but with a packet coming in every few minutes it became impossible. It also seemed to be a waste of time as most of these sites are still online and attempting to spread the virus. The other fact, that when the IP is looked up there is absolutely no record of where or who it is, makes it almost impossible to alert them of their predicament.

Don't these people have a legal and moral responsibility to ensure that their system is free from spreading the virus and damaging other systems? Where is their duty of care? If they initiate an attack on me, don't I have a right to defend my site, a commercial enterprise, against them to stop THEIR attacks on my network? Think about it... the message or whatever would not be sent if they did not send an attack first. Welcome to a legal nightmare.

I just find it hard to believe that people still haven't patched their servers, and in the meantime I am paying for all the extra traffic into my server. It may not seem much but it sure adds up over a month or two. Who can I sue to recover that??

The whole thing seemed interesting at first... Now I just get pissed off at the irresponsibility of it all.

Oh damn... looking at the logs... looks like here comes another one... "GET /robots.txt HTTP/1.0"... repeat. If I could turn off the web server I would, but I can't.

Ian