Re: CRIME Netcraft Ethics

From: Crispin Cowan (crispin@private)
Date: Fri Jun 21 2002 - 15:45:16 PDT

  • Next message: Ray Robert: "RE: CRIME EarthLink Password Security Story"

    Jimmy S. wrote:
    
    >I would like to pose a question?  Does anyone else have a problem with
    >Netcraft sweeping the web looking vulnerable servers to latest IIS buffer
    >overflow?
    >
    Considering that bad guys can (and do) do exactly the same thing, but 
    with malicious intent, I have no problem at all with Netcraft collecting 
    this data. As brvarian said, if you don't want this data collected, 
    don't advertise it. If you are even half-way concerned about security, 
    then you should not be advertising (accurate) application banners anyway.
    
    Crispin
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com/~crispin/
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    



    This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 16:57:56 PDT