Re: RPAT - Realtime Proxy Abuse Triangulation

From: Stephen J. Friedl (steveat_private)
Date: Thu Jan 02 2003 - 13:14:48 PST

Next message: Ed Street: "RE: Mysterious "Support" account created on Win2k server"

Previous message: Russell Fulton: "Re: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation"
Next in thread: Stephen P. Berry: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For what it's worth in this "ethics" discussion, the machines that RPAT 
scanned were not open spam relays, but anonymous HTTP proxies that were 
being used to actively attack our site by brute-force password guessing. 
I don't believe that "getting lots of spam" really constitutes an 
"attack", but what prompted the development of RPAT very much did.

Steve

-- 
Stephen J Friedl • Software Consultant • Tustin, CA •   +1 714 544-6561
www.unixwiz.net  • I speak for me only •   KA8CMY   • steveat_private



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Ed Street: "RE: Mysterious "Support" account created on Win2k server"
Previous message: Russell Fulton: "Re: What constitutes authorized server access? - was Re: RPAT - Realtime Proxy Abuse Triangulation"
Next in thread: Stephen P. Berry: "Re: RPAT - Realtime Proxy Abuse Triangulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 02 2003 - 18:45:27 PST