[KLUG Members] Re: legality

Bruce Smith members@kalamazoolinux.org
Wed, 25 Jul 2001 09:20:07 -0400

Previous message: [KLUG Members] Re: legality
Next message: [KLUG Members] Best command to monitor file size change over time?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > I'm not ignoring that point at all.
> > I would have never known he's serving files to the entire internet
> > because I WOULD NOT HAVE LOOKED!!!
> > Just the action of probing for open ports or services can get you
> > in trouble.
> 
> Er, I understand everyone's fear here.  But I don't think the law
> should have a "0 tolerance policy" on private citizens,

I don't think the law has a zero tolerance policy.
We're now confusing this issue with practical matters.  :-)

In practice, I doubt anyone who does NO harm, and has truly good 
intentions, would get in _much_ trouble, but there is always the
possibility of being _accused_ of something.  That can result in 
lawyer fees and other headaches.  (IANAL)

I'm only saying it's best to leave well enough alone.

> Because I once also did leave a file in someone's SMB share.  It was
> text file with an appology for accidently tresspassing onto his
> system.  My dynamic DNS hadn't updated, so I could not SSH into his
> box (which I thought was mine). 

I understand mistakes can happen.  AND THAT IS NOT THE POINT.
The original poster was probing a PC he KNEW WAS NOT HIS.
I'm saying NO to that.  Leave it alone.

> I then looked at port 139, which
> was open, did a smbclient NetBIOS list and saw some open shares.  I
> left a text file with the appology and said, "sorry I had hit port
> 22 on his system, to make it up, I would gladly help him setup a
> firewall," and left my E-mail address.

That's the part *I* would not have done.  Maybe that's just me.

What if there was a real cracker using that PC to crack the FBI
systems, or doing a DOS attack against some major internet site,
at the same time you are leaving a nice message?  Who will get
blamed?  I don't know and I don't want to find out!!!

I've read too many horror stories about the FBI confiscating ALL
of the computer equipment, and all of the media (disks, CD's, )
of some poor smuck who port scanned the wrong computer at the 
wrong time.  And guess what?  You're NEW computer will be long 
obsolete before you get it back, even if you are completely
innocent!  And worse yet, unless you have OFF-SITE backups of
your data, you may have LOST YEARS worth of WORK!!!

I admit that's an extreme and unlikely situation, but it could
happen, and I'm not going to chance it myself.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------

Previous message: [KLUG Members] Re: legality
Next message: [KLUG Members] Best command to monitor file size change over time?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]