At 08:10 PM 2/19/00 -0800, Ryan Russell wrote: >Mixter says he didn't mean for anyone to use his tool like that. Quite frankly, I call bullshit. What else can it be used for? Maybe he didn't mean for it to cost people huge amounts of money, and make CNN, but what else can you do with it? It is _designed_ to avoid detection. >And for the moment, I'm not talking about use, >I'm talking about production. I'm not concerned about production. I'm concerned about use. I can fondle my gun all day long, and nothing is illegal. As soon as I hurt someone with it, I've violated the law. If I give it to a bunch of children, and encourage them to go shoot up the playground, I've also violated laws. That's where Mixter is on very, very thin ice. >Internet Scanner is as close to antitank >weaponry as you're going to get for security tools. Please. I wrote nearly all the NT checks, and ported a lot of the UNIX checks. It's a good tool, but not in that class. It comes close to leveling the playing field between the admins and the script kiddies. Two main points - it will always take ISS weeks to come up with the newer exploits (sometimes months), and the scanner is noisier than hell. Plus, I don't think anything other than the NT version has ever hit the warez sites - this means that it is almost certainly being run from the machine the hacker is sitting in front of. It is INCREDIBLY, and INTENTIONALLY noisy. You'd be hex editing all day long to get that out of it, and even so, it will leave HUGE tracks, especially against UNIX boxes. No sane hacker is going to use it. Using the scanner against an unauthorized network is a really good way to end up in jail quickly. Even the initial ping sweeps have information in them. If running it doesn't sound alarms, then something is wrong. _I_ do not use it if I wish to be stealthy even when I have a get out of jail free card. Plus, it is really slow, and is getting slower. Takes a long time to run. You scan the wrong network, and the cops will be at the door before it finishes. >And once you outlawing tools, you eventually outlaw all security tools. >Start with TFN, since it's 95% evil. Next, get L0phtcrack since it's 80%. >Then COPS, it's 60%. Internet Scanner is about 40-50%, so it won't be >long for that tool. We'll be left with MS' c2config. Whee. I think this is an overreaction. >> I'm going to stand over here with the people who >> are sick of it, won't tolerate it, and are trying to be part of the >> solution. >Either that, or it will swing my way, and apologists for law enforcement's >abuses of hackers will be the minority. (I know, not likely, but I can >hope.) Considering that computer crime largely goes unprosecuted, and that people are running around blaming the victim, I think we're going to have to swing a long way towards law enforcment before we've gone too far. If you spray painted someone's physical storefront, there would be no question that you were a vandal and a criminal. If hackers could have stuck to just cruising around, not tampering with things, and learning, 'hacker' wouldn't be a dirty word. Instead, we've got a bunch of juvenile dumbasses going around screwing up people's business, costing them real money, and surprise, surprise, surprise, now there is going to be a crackdown. What did you expect? Also consider that getting in the way of legitimate business tends to give people problems - the fact that a legitimate security tool business exists means that the laws won't come down too hard on making the tools - just using them illegally will get you nailed. Consider that Sen. Sam Nunn works closely with ISS, and Tom Noonan went to the White House - ISS is extremely well politically connected (due largely to some very astute moves on Noonan's part). I don't think that making tools to check your own network with are going to be illegal any time soon. David LeBlanc dleblancat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:06:13 PDT