Re: "suspicious" apache log entries

To: Andreas Syka <asyska@db-media.de>
Cc: debian-security@lists.debian.org
Subject: Re: "suspicious" apache log entries
From: skalar <skalar@v0id.at>
Date: Fri, 13 Sep 2002 13:08:40 +0200
Message-id: <[🔎] 20020913110840.GA885@v0id.at>
Reply-to: skalar <skalar@v0id.at>
In-reply-to: <[🔎] 002201c25b06$b493ed40$1901000a@as>
References: <[🔎] 20020912032447.GD31875@llama.nslug.ns.ca> <[🔎] 6D8E22F9-C620-11D6-B25D-00050285B655@ncpro.com> <[🔎] 20020912234226.GG1449@lovelace> <[🔎] 002201c25b06$b493ed40$1901000a@as>

* Andreas Syka <asyska@db-media.de> [020913 11:19]:
> ----- Original Message -----
> 
> From: "Geoff Crompton" <geoff.crompton@bjhcontrols.com.au>
> 
> To: <debian-security@lists.debian.org>
> 
> Sent: Friday, September 13, 2002 1:42 AM
> 
> Subject: Re: "suspicious" apache log entries
> 
> 
> >   I can see that sending an email is an approriate legal, and
> >   responsible course of action.
> >   However to make his servers beep, you still need to perform an illegal
> >   act of cracking into his box. Regardless of what you intend to do when
> >   you get in there, it is still unauthorized access to the computer. If
> >   it is legal to crack a box for 'good' reasons, what do you think the
> >   real crackers will say there were doing if they get caught?
> 
> 
> 
> Ok, we had some posts saying that getting into someone's box and
> 
> making some noise to get the admins attention is comparable with walking in
> 
> someone house, sitting on the owners sofa and waiting / leaving a note on
> the
> 
> wall to tell him someone broke in - both is illegal unauthorized access.
> 
> Now that the owner is on holiday, his house is burning and my house is next
> to him
> 
> I should call the fire brigade to at least protect my own house and the
> police
> 
> - as I've seen someone who put the house on fire.
> 
> 
> 
> Writing emails to them did work up to now and the owner is still not
> reachable too.
> 
> The police is not interested - because there is a border between my house
> 
> and the burning one. I should try to contact the police "over there".
> 
> 
> 
> Right, its a bit stupid to use such comparison - but its somehow fun too.
> 
> The person on holiday is just called "standard M$-certified admin".
> 
> 
> 
> >   Unless we could popularise running a 'alert-me-if-my-box-is-screwy'
> >   daemon, which when it receives a message it beeps, displays a message,
> >   and keeps beeping until an operator acks the message.
> 
> 
> 
> Even ISPs do not really care about beeping boxed. When I carried my first
> holy
> 
> 4U-server to my ISP last year, I was really shocked. Tons of beeping
> RAID-cards /
> 
> power-supplies. They never would hear mine. And its really not a small ISP
> 
> (I guess the smaller ones would be able to act properly).
> 
> 
> 
> IMO the only proper solution would be to notify the person mentioned in the
> 
> RIPE-handle / Domain-handle and hope that someone is going to react.
> 
> Everything else is playing fire- policeman. Or some kind of self protection.
> 
> 
> 
> >   Cheers
> >   Geoff
> 
> 
> 
> best regards
> 
> Andreas
> 
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: "suspicious" apache log entries
  - From: Peter Cordes <peter@llama.nslug.ns.ca>
- Re: "suspicious" apache log entries
  - From: Marcel Weber <mmweber@ncpro.com>
- Re: "suspicious" apache log entries
  - From: Geoff Crompton <geoff.crompton@bjhcontrols.com.au>
- Re: "suspicious" apache log entries
  - From: "Andreas Syka" <asyska@db-media.de>

Prev by Date: Re: "suspicious" apache log entries
Next by Date: rlx blade server attacked
Previous by thread: Re: "suspicious" apache log entries
Next by thread: RE: "suspicious" apache log entries
Index(es):
- Date
- Thread