[wplug] Govt. authority over crack attempts?

Keir Josephson kjoseph at stargate.net
Fri Sep 26 22:04:55 EDT 2003 

On Friday, September 26, 2003, at 09:28  AM, Russ Schneider wrote:

> Does anyone else think there should be some sort of government 
> authority when it comes to illegal crack attempts of networks?  (If 
> their is one, what is it?)

No. It's still a free country. Besides, laws don't traverse 
international borders like the internet does, so it wouldn't have much 
useful authority anyway.

>
> I mean, it seems that since I set up my new webserver, I get at least 
> one "script kiddie" attempt a day on it (see here for a list 
> http://www.sugapablo.net/scripts.php ).
>
> What I envision is a central database where sys admins can post the 
> IP, date, and script attempted of any attempt to illegally access a 
> network.  This data can then be used by law-enforcement to issue 
> warnings and then fines for inaction to the originating network > owners.

First off, if harm has been done to you, you can report the action to 
the FBI's computer fraud division. However, I believe that there has to 
be proof of malicious intent before they really care.

Second, if you want such a database, your best bet is to get an IDP 
system. It's an intrusion detection AND PREVENTION system. Basically 
the prevention part is to, among other things, automatically block any 
IP's that are deemed to be intruding on your network or attacking your 
internet border(s). The database on that system is controlled entirely 
by you. If that's too much ching to be practical, you could try 
shutting down unneeded services and/or using iptables to set up some 
better protection on the box.

-Keir


>
> Think about it, if you're an AOL or Earthlink user, and you try to 
> crack another network, it would be no problem for AOL to simply shut 
> you off (or pass along the cost of a fine to your credit card), etc.
>
> </rant>
>
> -- 
> Russ Schneider (a.k.a. Sugapablo)
> ------------------------------------
> http://www.sugapablo.com <--music
> http://www.sugapablo.net <--personal
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>

More information about the wplug mailing list