Re: CRIME Netcraft Ethics

From: Crispin Cowan (crispin@private)
Date: Fri Jun 21 2002 - 15:45:16 PDT

Next message: Ray Robert: "RE: CRIME EarthLink Password Security Story"

Previous message: SCRIMSHER,JOHN (HP-Corvallis,ex1): "RE: CRIME EarthLink Password Security Story"
In reply to: Jimmy S.: "CRIME Netcraft Ethics"
Next in thread: Alan: "Re: CRIME Netcraft Ethics"
Reply: Alan: "Re: CRIME Netcraft Ethics"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jimmy S. wrote:

>I would like to pose a question?  Does anyone else have a problem with
>Netcraft sweeping the web looking vulnerable servers to latest IIS buffer
>overflow?
>
Considering that bad guys can (and do) do exactly the same thing, but 
with malicious intent, I have no problem at all with Netcraft collecting 
this data. As brvarian said, if you don't want this data collected, 
don't advertise it. If you are even half-way concerned about security, 
then you should not be advertising (accurate) application banners anyway.

Crispin

-- 
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com/~crispin/
Security Hardened Linux Distribution:       http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html

Next message: Ray Robert: "RE: CRIME EarthLink Password Security Story"
Previous message: SCRIMSHER,JOHN (HP-Corvallis,ex1): "RE: CRIME EarthLink Password Security Story"
In reply to: Jimmy S.: "CRIME Netcraft Ethics"
Next in thread: Alan: "Re: CRIME Netcraft Ethics"
Reply: Alan: "Re: CRIME Netcraft Ethics"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 16:57:56 PDT