And so I learn!! BTW - HUGE thanks for the clarification on ethics. More comments inline. Monday, December 30, 2002, 1:45:35 PM, you wrote: JDD> -----BEGIN PGP SIGNED MESSAGE----- JDD> Hash: SHA1 JDD> On Mon, 30 Dec 2002, Greg Barnes wrote: >> JDD> Such a practice strikes me as teleologically ethical[1]. A system >> >> Technologically Ethical? Is that like 'technically honest' but not >> honest by any other definition? JDD> No. There are two primary camps in ethics: deontological and JDD> teleological. Deontological holds that all ethical constructs are JDD> absolute and unwavering, regardless of circumstance. These rules are JDD> typically given to humanity by a deity or some other authority. JDD> Teleological ethics holds that all ethical proscriptions arise from value JDD> assessments of undesirable consequences that come from unethical actions. JDD> Teleological ethics also hold that the quality of an otherwise seeming JDD> transgression is mitigated by both intent and outcome. JDD> To bust it down in the simplest terms for an example: it is wrong JDD> to lie. But if I was harboring Jews from the Nazis during WWII and the JDD> Nazis asked me if I had seen any Jews and I told them I hadn't, then I JDD> would have lied. That lie, while deontologically unethical, was JDD> teleologically ethical. Again, thanks for the clarification. And now that I understand the difference between the two ethical camps, I know enough to know that I will be more careful when answering questions regarding the ethics of an action/inaction in the future. >> JDD> is being abused and we recipient systems are paying the canonical >> JDD> price for it. And since we bear the cost of someone else's >> JDD> irresponsibility, we have both the right and the responsibility to >> JDD> pick up the slack created by the other party so that other systems >> JDD> do not receive the same net.abuse ours have. >> >> This would be true if you represented an extension of law enforcement. JDD> Actually, your assessment is inaccurate. Law enforcement is far JDD> more constrained in their sanctioned actions than the laity. I, for JDD> example, can engage in dumpster diving at will to find information I need. JDD> Law enforcement cannot do so without the blessing of the courts. And this is precisely because it is illegal. I'm not a lawyer (or an ethics expert !clearly!) but perusing other people's property appears to fall into one of the camps you describe earlier...So, I have to ask myself, by what standard, and by whom will I be judged? And that's the standard I will apply (I'm assuming only one will apply here, and if more than one applies, I have to make a value judgement right?). >> JDD> The only thing that would color such a practice as even remotely >> JDD> unethical would be later utilization of such findings for the >> JDD> purpose of further spamming or other nefarious conduct. >> >> Who defines nefarious? JDD> Simple. Anything you'd do that would not make your mother proud. JDD> ;) But seriously, we don't need to define was 'is' is here. Nefarious is JDD> simply a cute word I use to entail further net.abuse. >> The rule of law defines it. And there are agencies established for the >> purpose of enforcing the law. JDD> And while many an agent in said agencies are good people doing JDD> good work, the reality is that agencies are bureaucracies. And as JDD> bureaucracies, they move at a positively glacial pace...and with the rapid JDD> pace of the 'net, their involvement is not simply impractical, it's JDD> counterproductive. The net.realities of today have simply outpaced the JDD> laws provided by the legislature. Thus, relying on old (and increasingly JDD> archaic) laws and agencies for definition and handling of genuine JDD> net.realities is kludgy at best, silly at worst. >> JDD> As a rule, when my systems are spammed via an open relay, I do >> JDD> indeed perform open relay tests on the offending system to confirm >> JDD> that the relayed spam is genuine or trivially spoofed[2]. With >> JDD> those findings, >> >> So how does one justify any scanning beyond that which is required to >> determine the source of a problem in the course of one's day to day >> duties JDD> All scanning is done from a "rule out" standpoint. I rule out JDD> other possible explanations [spoofing, forgery, misconfigured MTA data] as JDD> it pertains to the spam that appears to have come from an open relay or JDD> proxy and then gather the data. Once that's done, a fairly clear picture JDD> of what's what has emerged. Ahh, so we're on the same page. We're not talking about scanning 65k ports then (for example)...I guess I misunderstood. >> and furthermore with the end goal of notifying the cognizant authority >> of the offense? JDD> Whenever my systems are attacked, I take it upon myself to JDD> accumulate all evidence necessary to present to the cognizant admin of the JDD> offending system. My reasons are twofold: first, they can use the JDD> information to compare to their own logs (rather than go on a large JDD> fishing expedition), and that saves time; second, I've met more than my JDD> fair share of "admins" who couldn't find their butt with both hands. JDD> Those folks need a *lot* of hand-holding in order to bring the net.abuse JDD> to a conclusion. >> JDD> I file my reports with the cognizant admins and/or upstream >> JDD> providers so that an end may be put to that nonsense. >> >> All well and good, but again - to what end, the additional scanning? JDD> I'm not sure what you mean. I don't keep on scanning every system JDD> that's poked, prodded or spammed mine after I've gathered the information JDD> I require. Hell, if I did that, I wouldn't have time to do anything else. heheheh. So let it be written then. Thanks for the response!! JDD> - -Jay JDD> ( ( _______ JDD> )) )) .-"There's always time for a good cup of coffee."-. >====<--. JDD> C|~~|C|~~| (>------ Jay D. Dyson - jdysonat_private ------<) | = |-' JDD> `--' `--' `How about a 10-day waiting period on YOUR rights?' `------' JDD> -----BEGIN PGP SIGNATURE----- JDD> Version: GnuPG v1.0.7 (TreacherOS) JDD> Comment: See http://www.treachery.net/~jdyson/ for current keys. JDD> iD8DBQE+EKJkTqL/+mXtpucRAkMHAJ9roysRFsNI0t2z874ID5xjIfgSZgCeM7vY JDD> m5AmsjNb4QAmxoKOg71SKOA= JDD> =TL7v JDD> -----END PGP SIGNATURE----- - Regards, Greg PGP Fingerprint: 723E 7CAD 4EF5 D904 1EE8 5279 71A5 A594 E6A7 C48E ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Dec 30 2002 - 13:34:45 PST