Re: Wireless Security (Part 2)

[Ian Scott <ian () pairowoodies com>]

On May 17, 2006 06:14 pm, Craig Wright wrote:
> In common law jurisdictions (and the US is a common law country, not
> civil law - other than in Louisiana) you have rights. In the US there
> are also constitutional rights.

In the US, constitutional rights are those rights reconized as "natural 
rights" by the founding fathers.

> You have every right to stop the attack or remove a host from your
> network, but never any right to attack back. Two wrongs and all that.
> Committing a trespass of your own can not be defended by a defence of
> they did it first.

I have every right to find out what exactly is on my network.  I may begin 
with less intrusive methods which may escalate until I am satisfied.

I do not know what you mean by "trespass" in this context.  Most definitely if 
someone trespasses on my real property, if there has been notice posted, I 
have every right to make an arrest and determine the identity of that person, 
even if they attempt to flee.

If my property is not posted, I begin with low intrusive methods, ie.  telling 
them to leave but have every right to get into a full blown fight, if they 
refuse to surrender to me peacefully when I advise them they are under 
arrest.  Some may refer to this as an "attack" on the trespasser.  But that 
is semantics.

I am course, NOT talking, in my message below, about machines that are 
attacking machines on my network from another network.  I am talking about 
any device using MY network.

Regards,

Ian
> Regards,
> Craig
>
> -----Original Message-----
> From: Ian Scott [mailto:ian () pairowoodies com]
> Sent: Wednesday, 17 May 2006 4:46 PM
> To: security-basics () securityfocus com; gillettdavid () fhda edu
> Cc: hfebelingjr () lycos com
> Subject: Re: Wireless Security (Part 2)
>
> On May 16, 2006 02:47 pm, David Gillett wrote:
> > 2.  Can you post a sign on your driveway, giving yourself the right to
> > search any cars that park there that you don't recognize?  I don't
> > think so.  You have the right to report them to the *police*, who in
>
> turn
>
> > might determine that a search warrant (or one of the few exceptions)
>
> is
>
> > appropriate, but simply arrogating that authority to yourself is risky
> > at best.
>
> People confuse "rights" with what governments limit one in doing. The
> only
> "rights" that I know are those "natural rights" which include ownership
> of
> property.
>
> With this in mind, I would have every right to do anything with any item
> found
> on my property without my permission or knowledge. In my jurisdiction, I
>
> don't have to call the police to have the property removed.  I can
> remove the
> vehicle myself without any permission from the State or its
> representatives.
> I may also have reason to search the vehicle myself before removing it
> for
> any number of reasons.  So, this analogy is false.
>
> As someone who has a number of computers on a network, and include
> computers
> with multiple IP addresses, I believe i have every right to attack an IP
> I
> find on my network to discover what it is that is using that IP address.
> I
> don't always have time, nor is it always convenient for me upon discover
> of
> the use of an IP address that I don't have a record of, to call all my
> customers and ask if they perhaps configured their computer with an IP
> (accidents can happen) incorrectly.
>
> This applies to both wireless and wired components.
>
> Depending on the circumstances, I may choose not to attempt to gain
> access to
> the computer or whatever it is that is on my network - if for example,
> one of
> my clients' boxes appears to have been hacked itself, and is sending out
>
> spam, I won't bother trying to access the box.  I'll simply walk over
> and
> unplug it.  One could argue that my actions of removing the ethernet
> cable
> from the box is some form of "trespass" against that box - the male end
> of
> the cable is inside the female end of the ethernet card inside the box.
>
> They can argue that all they want - with whatever analogies they want.
> It's
> my network - the resources that make the network possible, regardless of
>
> whether it is wired or wireless, are my resources.  It's my property -
> and I
> have every "right" to know what or who is on my network - and there may
> be
> times when I simply can't ask - I have to do something else to find out.
>
>
>
>
>
> Liability limited by a scheme approved under Professional Standards
> Legislation in respect of matters arising within those States and
> Territories of Australia where such legislation exists.
>
> DISCLAIMER
> The information contained in this email and any attachments is
> confidential. If you are not the intended recipient, you must not use or
> disclose the information. If you have received this email in error, please
> inform us promptly by reply email or by telephoning +61 2 9286 5555. Please
> delete the email and destroy any printed copy.
>
> Any views expressed in this message are those of the individual sender. You
> may not rely on this message as advice unless it has been electronically
> signed by a Partner of BDO or it is subsequently confirmed by letter or fax
> signed by a Partner of BDO.
>
> BDO accepts no liability for any damage caused by this email or its
> attachments due to viruses, interference, interception, corruption or
> unauthorised access.

Attachment: _bin
Description: