Re: Recent Attacks

From: Ryan Russell (ryanat_private)
Date: Sun Feb 20 2000 - 08:48:22 PST

    On Sat, 19 Feb 2000, David LeBlanc wrote:
    
    > At 08:10 PM 2/19/00 -0800, Ryan Russell wrote:
    > 
    > >Mixter says he didn't mean for anyone to use his tool like that.
    > 
    > Quite frankly, I call bullshit.  What else can it be used for?  Maybe he
    > didn't mean for it to cost people huge amounts of money, and make CNN, but
    > what else can you do with it?  It is _designed_ to avoid detection.
    
    It's quite possibly BS.  There are good uses for it, however slight.  The
    white hats have been able to analyze a working DDoS package.  Mixter has
    been claiming that he released the original TFN in response to Trinoo.  He
    says he wanted people to have an open-source freely available tool that
    people could look at.  That may be BS as well, but recall that I placed it
    at 95% evil.  Perhaps 5% good is being generous?
    
    > 
    > >And for the moment, I'm not talking about use,
    > >I'm talking about production.  
    > 
    > I'm not concerned about production.  I'm concerned about use.  I can fondle
    > my gun all day long, and nothing is illegal.  As soon as I hurt someone
    > with it, I've violated the law.  If I give it to a bunch of children, and
    > encourage them to go shoot up the playground, I've also violated laws.
    > That's where Mixter is on very, very thin ice.
    
    I guess it's just a matter of degree.  Sounds like you agree with me
    mostly.  I'm of the opinion that writing tools, even those like TFN,
    should always be allowed.  As long as Mixter didn't fire it off himself, I
    don't think he should get in trouble.  However, even I would condemn a
    tool that, say, contained a hard-coded stolen name and password, IP
    address, and "rm -rf * " command.
    
    > 
    > >Internet Scanner is as close to antitank
    > >weaponry as you're going to get for security tools.
    > 
    > Please.  I wrote nearly all the NT checks, and ported a lot of the UNIX
    > checks.  It's a good tool, but not in that class.  It comes close to
    > leveling the playing field between the admins and the script kiddies.  Two
    > main points - it will always take ISS weeks to come up with the newer
    > exploits (sometimes months), and the scanner is noisier than hell.  Plus, I
    
    I disagree that it's not that good.  I used to own a copy.. it was
    successful at finding something that let me own the machine 100% of the
    time, when used against an internal network, and even one against an
    external network which was supposed to have a firewall in place.  It
    doesn't matter how old its checks are.. only like 1% of the people out
    there keep their patches up to date better than that.  It doesn't
    particularly matter that it's noisy, especially if I'm using a stolen key
    or cracked copy.  I could easily be in a place where it doesn't matter.
    
    The point is, it's a pretty dangerous tool if used by the bad guys. 
    
    > 
    > >And once you outlawing tools, you eventually outlaw all security tools.
    > >Start with TFN, since it's 95% evil.  Next, get L0phtcrack since it's 80%.
    > >Then COPS, it's 60%.  Internet Scanner is about 40-50%, so it won't be
    > >long for that tool.  We'll be left with MS' c2config.  Whee.
    > 
    > I think this is an overreaction.
    
    I hope so.   How about L0phtcrack, though?  Even the antivirus guys check
    for it.  I had to investigate a case where it was used pretty effectively
    by a bad guy that caused a lot of trouble.
    
    > >Either that, or it will swing my way, and apologists for law enforcement's
    > >abuses of hackers will be the minority.  (I know, not likely, but I can
    > >hope.)
    > 
    > Considering that computer crime largely goes unprosecuted, and that people
    > are running around blaming the victim, I think we're going to have to swing
    > a long way towards law enforcement before we've gone too far.  If you spray
    > painted someone's physical storefront, there would be no question that you
    > were a vandal and a criminal.  If hackers could have stuck to just cruising
    > around, not tampering with things, and learning, 'hacker' wouldn't be a
    > dirty word.  Instead, we've got a bunch of juvenile dumbasses going around
    > screwing up people's business, costing them real money, and surprise,
    > surprise, surprise, now there is going to be a crackdown.  What did you
    > expect?
    > 
    
    I expect the people who commit crimes will get reasonable punishments.  I
    expect that I won't be hindered because there are idiots out there.
    Punish them, not me.  I don't expect my kids to get grief when they go to
    buy spray paint for their bikes, because there are people who do
    graffiti.
    
    					Ryan
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:05:51 PDT