Security Incidents mailing list archives

Re: Korea (was RE: ?)


From: Paul.Kincaid () BLACKBAUD COM (Paul Kincaid)
Date: Tue, 1 Feb 2000 10:02:22 -0500


One thing that has not been pointed out is that this computer is in Korea.
Everyone is talking about what would happen with an American Judicial twist
to it.  Other countries have VERY differnet laws.  What might be a perfect,
air-tight sense of protecting property might be something very different in
Korea.

The arguement is good if it were an American computer that you were trying
to help out and patch a hole, but if its somewhere else - they might have an
implied Terms of Service agreement.  All I would say is be careful where you
go and what you do.

My opinion is as soon as you discover that you might possibly have found a
root shell on a system, immediately report it to the SysAdmin or Technical
Contact.  I personally would be very offended and quite upset if someone
came along and "patched" my server to make it more secure - it might very
well have been a honeypot I installed to catch someone who was attempting to
do something to me and now someone else comes along, good samaritan or not,
but changes my server.

Just a thought
Paul.

-----Original Message-----
From: David Brumley [mailto:dbrumley () RTFM STANFORD EDU]
Sent: Friday, January 28, 2000 4:18 PM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Re: Korea (was RE: ?)

In my opinion, it's all about intent.  If you expect and or try to gain
unauthorized access, it's bad (the whole discussion on whether or not you
had to see the ToS has been done...conclusion: we need a court case that
goes to trial to decide).

-me

On Fri, 28 Jan 2000, JJ Gray wrote:

Hi folks,
    Hmmm, might possibly be an ethical question but it's not really a
legal
one - if you are dropped straight to a prompt with no terms and conditions
of use, statements of authorised users only and the like then the chances
of
legal action would be almost non-existant IMHO.   I don't see how
connecting
to an internet visible computer & port is illegal in itself and the
comment
on condoning cracking is a little harsh don't you think ?   Extrapolating
that argument would result in connecting to a web server on port 80 being
regarded as cracking ????   Where do you draw the line ?   I regularly see
in my firewall logs that various mailservers, DNS servers and the like are
pinging me - is this scanning ?   Is this legal ? *shrug*
I decide what I consider benign or aggressive behaviour on percieved
intent,
not specific action.

Just my two penneth ;-)

Regards,
            JJ

Sed quis custodiet ipsos custodes ?

----- Original Message -----
From: Brooke, O'Neil <o'neil.brooke () LMCO COM>
To: <INCIDENTS () SECURITYFOCUS COM>
Sent: Thursday, January 27, 2000 11:40 PM
Subject: Re: Korea (was RE: ?)


Well, while you're there, why don't you poke around and see if you can
find
out
who ownz that box?  Could be useful to know that...

RGF

Robert G. Ferrell
Internet Technologist
National Business Center, US DoI
Robert_G_Ferrell () nbc gov

This is not a very ethical statement. Especially when you consider the
email address you have used to send this message. Does the National
Business Center condone 'cracking', when it is useful?



--
#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
David Brumley - Stanford Computer Security - dbrumley () Stanford EDU
Phone: +1-650-723-2445    WWW: http://www.stanford.edu/~dbrumley
Fax:   +1-650-725-9121    PGP: finger dbrumley-pgp () sunset Stanford EDU
#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
c:\winnt> secure_nt.exe
  Securing NT.  Insert Linux boot disk to continue......
            "I have opinions, my employer does not."



Current thread: