From: MBrownellCalover.com
Date: Tue May 07 2002 - 13:29:52 CDT


    I say go for it, with one caveat: notify the offending party one
    time beforehand. That would satisfy any realistic ethical concerns I might
    have if I was the one doing the publishing. They may in fact be targeted
    because of the listing (by some lazy ankle-biter), but that ignores the fact
    that they are broadcasting to the world their pre-existing vulnerability.
    They are also not upholding their own ethical responsibility by securing
    their systems beforehand, or addressing the problem of infection after the
    fact. What real effect will it have besides perhaps embarrassment? That's
    the real question.

    Michael

    -----Original Message-----
    From: Deus, Attonbitus [mailto:ThorHammerofGod.com]
    Sent: Tuesday, May 07, 2002 9:55 AM
    To: Focus-MS
    Subject: Publishing Nimda Logs

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

      It is truly sad that so many people are still infected with Nimda. There
      is a company with my corporate ISP that I have notified 3 times now that
      they are attacking other systems. It seems they can't figure out how not
      to install Win2k/IIS5.0 while connected to the net. The sad thing is that
      this is a computer company.

      I have seen a site where people have published the IP of the offending
      boxes for stuff like Nimda and CR. I am thinking about doing the same
      thing so that people can either use that information to block the IPs or
      to do whatever they want for that matter.

      I'm curious to see how others feel about this. Is it:

      1) Recommended. Go for it and publish the IPs and let the "Gods of IP"
      sort out the damage.
      2) A Bad Thing. These are innocent victims, and you will just have them be
      attacked by evil people.
      3) Boring. Who cares? It's Nimda, and an everyday part of life. Deal with
      it and ignore the logs.

      If "1," then I was thinking of going with a "Hall of Shame" and providing
      ARIN look ups, contacts, and the whole bit. I could even allow other
      people to post logs there and stuff like that...

      Input appreciated.

      AD

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 7.1

    iQA/AwUBPNgG6ohsmyD15h5gEQJfaQCgw7Bq3eGkKz5bQtJT2Fs9XQzzz4UAn1mM
    EyRftJHX/w0By48WerwqGjic
    =lP64
    -----END PGP SIGNATURE-----