Page 2 of 2 FirstFirst 12
Results 21 to 26 of 26

Thread: Notifying the infected?

  1. #21
    D. Stussy
    Guest

    Re: Notifying the infected?

    "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote in
    message news:7rqrhpFqnkU2@mid.individual.net...
    > D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    > > "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote:
    > >> D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    > >>> "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote:
    > >>>> Davej <galt_57@hotmail.com> wrote:
    > >>>>> So just what legitimate services would anyone be hoping to find at
    > >>>>> some random node?
    > >>>>
    > >>>> Whatever service that random node is providing? This may come as a
    > >>>> shock to you, but probing a host's ports really is the only way of
    > >>>> discovering which service(s) that host provides.
    > >>>
    > >>> That doesn't mean that anyone has a right to scan for open ports on
    > >>> some random machine;
    > >>
    > >> It most certainly does. You connected the machine to a public
    > >> network, and - repeating myself - in any TCP/IP network probing ports
    > >> is the only way of discovering what services a given host offers.

    > >
    > > That's like saying that spammers have a right to spam you - and you
    > > must accept their crap.

    >
    > Well, unless there are laws against spam, they do have the right to spam
    > you. Sorry to burst your bubble. However, nobody's forcing you to accept
    > their crap. Just like nobody's forcing you to accept connections from
    > anyone. There's packet filters, there's encryption, there's
    > authentication. Heck, there's even the option of NOT PROVIDING SERVICES
    > YOU DON'T WANT TO PROVIDE, silly as it may sound.


    There are laws against spamming. There are laws against unauthorized
    access.

    > >>> a prelude to exploits (including attempts).
    > >>
    > >> A portscan is not necessarily the prelude to an attack. And a
    > >> portscan most certainly isn't an attack in itself.

    > >
    > > More often than not, it is.

    >
    > You have some figures to support that opinion, I suppose? Not that it
    > matters, anyway, because even if we assume it to be true, the assumption
    > that *every* portscan came from an infected host trying to spread its
    > disease would still be invalid.


    Obviously, a port scan performed by the host's owner or agent is not. A
    port scan performed by a stranger is - for there's no other reason for such
    other than to find exploitable resources.

    > >>> Some places have laws against such action.

    > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    > >> Fortunately most places have legislators with at least half a brain
    > >> and don't.

    > >
    > > ...And don't what?

    >
    > Read again.


    Answer the question. You have a hanging auxillary verb.



  2. #22
    Ansgar -59cobalt- Wiechers
    Guest

    Re: Notifying the infected?

    D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    > "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote:
    >> D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    >>> "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote:
    >>>> You connected the machine to a public network, and - repeating
    >>>> myself - in any TCP/IP network probing ports is the only way of
    >>>> discovering what services a given host offers.
    >>>
    >>> That's like saying that spammers have a right to spam you - and you
    >>> must accept their crap.

    >>
    >> Well, unless there are laws against spam, they do have the right to
    >> spam you. Sorry to burst your bubble. However, nobody's forcing you
    >> to accept their crap. Just like nobody's forcing you to accept
    >> connections from anyone. There's packet filters, there's encryption,
    >> there's authentication. Heck, there's even the option of NOT
    >> PROVIDING SERVICES YOU DON'T WANT TO PROVIDE, silly as it may sound.

    >
    > There are laws against spamming. There are laws against unauthorized
    > access.


    I'm debating the "unauthorized" part when it comes to hosts on public
    networks. I already explained in another post why requiring explicit
    permission would ultimately break the Internet, so I'll simply refer you
    to that post.

    >>>> A portscan is not necessarily the prelude to an attack. And a
    >>>> portscan most certainly isn't an attack in itself.
    >>>
    >>> More often than not, it is.

    >>
    >> You have some figures to support that opinion, I suppose?


    Apparently not. I thought so.

    >> Not that it matters, anyway, because even if we assume it to be true,
    >> the assumption that *every* portscan came from an infected host
    >> trying to spread its disease would still be invalid.

    >
    > Obviously, a port scan performed by the host's owner or agent is not.
    > A port scan performed by a stranger is - for there's no other reason
    > for such other than to find exploitable resources.


    Remove the word "exploitable" and you're right.

    >>>>> Some places have laws against such action.

    >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    >>>> Fortunately most places have legislators with at least half a brain
    >>>> and don't.
    >>>
    >>> ...And don't what?

    >>
    >> Read again.

    >
    > Answer the question. You have a hanging auxillary verb.


    You lack reading comprehension. The answer to your question lies in the
    part I underlined.

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  3. #23
    D. Stussy
    Guest

    Re: Notifying the infected?

    "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote in
    message news:7rs4ipFb8tU1@mid.individual.net...
    > D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    > > "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote:
    > >> D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    > >>> "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote:
    > >>>> You connected the machine to a public network, and - repeating
    > >>>> myself - in any TCP/IP network probing ports is the only way of
    > >>>> discovering what services a given host offers.
    > >>>
    > >>> That's like saying that spammers have a right to spam you - and you
    > >>> must accept their crap.
    > >>
    > >> Well, unless there are laws against spam, they do have the right to
    > >> spam you. Sorry to burst your bubble. However, nobody's forcing you
    > >> to accept their crap. Just like nobody's forcing you to accept
    > >> connections from anyone. There's packet filters, there's encryption,
    > >> there's authentication. Heck, there's even the option of NOT
    > >> PROVIDING SERVICES YOU DON'T WANT TO PROVIDE, silly as it may sound.

    > >
    > > There are laws against spamming. There are laws against unauthorized
    > > access.

    >
    > I'm debating the "unauthorized" part when it comes to hosts on public
    > networks. I already explained in another post why requiring explicit
    > permission would ultimately break the Internet, so I'll simply refer you
    > to that post.


    Using a specific, well-known service that is meant for public access isn't
    going to fit with "unauthorized" (at least at first glance). Scanning a
    site for nonstandard features and those not meant for public consumption
    is, especially when followed with an exploit attack.

    > >>>> A portscan is not necessarily the prelude to an attack. And a
    > >>>> portscan most certainly isn't an attack in itself.
    > >>>
    > >>> More often than not, it is.
    > >>
    > >> You have some figures to support that opinion, I suppose?

    >
    > Apparently not. I thought so.


    I don't see where I have the burden of proof. You went first, so you need
    to demonstrate your assertion.

    > >> Not that it matters, anyway, because even if we assume it to be true,
    > >> the assumption that *every* portscan came from an infected host
    > >> trying to spread its disease would still be invalid.

    > >
    > > Obviously, a port scan performed by the host's owner or agent is not.
    > > A port scan performed by a stranger is - for there's no other reason
    > > for such other than to find exploitable resources.

    >
    > Remove the word "exploitable" and you're right.
    >
    > >>>>> Some places have laws against such action.
    > >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    > >>>> Fortunately most places have legislators with at least half a brain
    > >>>> and don't.
    > >>>
    > >>> ...And don't what?
    > >>
    > >> Read again.

    > >
    > > Answer the question. You have a hanging auxillary verb.

    >
    > You lack reading comprehension. The answer to your question lies in the
    > part I underlined.


    If by that you meant that "don't have laws", the CORRECT English would be:

    "...half a brain; some don't."

    Learn to write PROPERLY before accusing your reader(s) of misunderstanding.



  4. #24
    Skywise
    Guest

    Re: Notifying the infected?

    Ansgar -59cobalt- Wiechers <usenet-2010@planetcobalt.net> wrote in
    news:7rrhg3Fi9tU1@mid.individual.net:

    > I've been running Windows (as well as other systems) for more than a
    > decade now, and I can count the number of infections on one hand.


    I can do better. ZERO infections. Running windows since 3.1.

    Practice safe hex.

    Brian
    --
    http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
    Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
    Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
    Sed quis custodiet ipsos Custodes?

  5. #25
    Skywise
    Guest

    Re: Notifying the infected?

    Bit Twister <BitTwister@mouse-potato.com> wrote in
    news:slrnhlghc9.56v.BitTwister@wb.home.test:

    > Several states in the USA have gotten tired of your excuse being used
    > by hackers. Any unauthorized access is criminal trespass.
    > That means a ping is trespassing.


    Well, then they better star pressing charges. I hope they have the
    court resources to prosecute a couple billion people.

    Brian
    --
    http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
    Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
    Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
    Sed quis custodiet ipsos Custodes?

  6. #26
    Ansgar -59cobalt- Wiechers
    Guest

    Re: Notifying the infected?

    D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    > "Ansgar -59cobalt- Wiechers" <usenet-2010@planetcobalt.net> wrote:
    >> D. Stussy <spam+newsgroups@bde-arc.ampr.org> wrote:
    >>> There are laws against spamming. There are laws against
    >>> unauthorized access.

    >>
    >> I'm debating the "unauthorized" part when it comes to hosts on public
    >> networks. I already explained in another post why requiring explicit
    >> permission would ultimately break the Internet, so I'll simply refer
    >> you to that post.

    >
    > Using a specific, well-known service that is meant for public access
    > isn't going to fit with "unauthorized" (at least at first glance).


    On second glance: even if the port is well-known, it still doesn't say
    anything at all about whether the owner of the server made that service
    accessible on purpose. Back to square one. Unless we can assume implicit
    consent of the owner (he willingly put the server on a public network
    after all). In which case I fail to see why this shouldn't apply to all
    ports.

    > Scanning a site for nonstandard features and those not meant for
    > public consumption is, especially when followed with an exploit
    > attack.


    I'm talking about accessing/using a service. Attacking someone is
    already covered by other (criminal) laws. It's the same difference as
    talking to a random person and beating that random person up.

    >>>>>> A portscan is not necessarily the prelude to an attack. And a
    >>>>>> portscan most certainly isn't an attack in itself.
    >>>>>
    >>>>> More often than not, it is.
    >>>>
    >>>> You have some figures to support that opinion, I suppose?

    >>
    >> Apparently not. I thought so.

    >
    > I don't see where I have the burden of proof. You went first, so you
    > need to demonstrate your assertion.


    cobalt@iridium:~ $ nmap -sT -P0 74.125.43.103

    Starting Nmap 4.62 ( http://nmap.org ) at 2010-01-22 09:16 CET
    Interesting ports on bw-in-f103.1e100.net (74.125.43.103):
    Not shown: 1712 filtered ports
    PORT STATE SERVICE
    80/tcp open http
    113/tcp closed auth
    443/tcp open https

    Nmap done: 1 IP address (1 host up) scanned in 14.084 seconds
    cobalt@iridium:~ $ _

    No exploit/attack intended. Your turn.

    [...]
    >>>>>>> Some places have laws against such action.
    >>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    >>>>>> Fortunately most places have legislators with at least half a
    >>>>>> brain and don't.
    >>>>>
    >>>>> ...And don't what?
    >>>>
    >>>> Read again.
    >>>
    >>> Answer the question. You have a hanging auxillary verb.

    >>
    >> You lack reading comprehension. The answer to your question lies in
    >> the part I underlined.

    >
    > If by that you meant that "don't have laws", the CORRECT English would
    > be:
    >
    > "...half a brain; some don't."


    Ummm... no. I wrote "... half a brain and don't [have laws against such
    action]", leaving out the part in square brackets as a figure of speech
    (this is called "ellipsis"; look it up).

    > Learn to write PROPERLY before accusing your reader(s) of
    > misunderstanding.


    English isn't my first language, so I'm prone to make a mistake every
    once in a while (although in this case I don't believe I did). What's
    your excuse?

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

Similar Threads

  1. Infected: virus Net-Worm.Win32.Kido.ih
    By itsallaobutgame in forum comp.security.firewalls
    Replies: 6
    Last Post: 05-10-10, 02:48 PM
  2. New hijack log, new problem :(
    By nodeuce in forum Network Security
    Replies: 1
    Last Post: 01-22-09, 04:40 PM
  3. Problem with opening first page (homepage) in browser.
    By HHawk in forum General Broadband Forum
    Replies: 2
    Last Post: 12-12-08, 09:06 AM
  4. Replies: 4
    Last Post: 11-20-07, 07:32 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •