[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "suspicious" apache log entries

On Tue, Sep 10, 2002 at 03:28:42AM -0700, Vineet Kumar wrote:
> * Michael Renzmann (mrenzmann@dylanic.de) [020910 03:12]:
> > Hi.
> > 
> > Vineet Kumar wrote:
> > >>Phillip Hofmeister stated that one could use the Nimda backdoor on the 
> > >>server that connects our server to setup a warning message on the 
> > >>attacking computer's desktop. 
> > >If you do, be prepared to go to jail...
> > 
> > For what reason? For telling stupid webserver administrators about a 
> > security problem they have?
> As the law is concerned, this is like telling people they've left their
> front door unlocked by inviting yourself in and taking a dump on their
> couch.  It's not yours, and you have no right to enter, let alone change
> (deface) the site, no matter how easy it is, or how much good you think
> you might be accomplishing.

Wrong analogy.

Imagine instead a car that is always unlocked and is used nightly by
hooligans when they go joy-riding.

The warning message + lockup technique is more like leaving a note
behind the wind-shield of the car and locking its doors.  In the real
world, such behavior might be called "being a concerned citizen".

Erik Rossen                          ^    OpenPGP key: 2935D0B9
rossen@freesurf.ch                  /e\   "Use GnuPG, see the
http://people.linux-gull.ch/rossen  ---    black helicopters."

Reply to: