Mailinglist Archive: opensuse-security (556 mails)
Re: [suse-security] Is it possible to return something, so Nimda would crash?
- From: "Thomas Michael Wanka" <tm_wanka@xxxxxxxxxxxxx>
- Date: Sun, 23 Sep 2001 14:27:40 +0200
- Message-id: <3BADF15C.28381.1798A08F@localhost>
Hi,
On 23 Sep 2001, at 1:49, Kurt Seifried wrote:
> While there are laws regarding things like home intruders and the use
> of deadly force for example in some countries there are no laws AFAIK
> making it ok to attack people back online. IF you know of laws
> allowing such behaviour in a country I would love to know about it.
Actually you must assume that the owner of the attacking machine
is not aware of it but a victim himself. If he did it on purpose, a
back-attack could be seen as self-defense, but it is hardly possible to
prove that in court. Some cable providers here in Austria cut down
customers' access because they were (believed) infected by Code
Red; actually we have no judication by now on whether that was legal
or not. I got such warnings too and I have only a NetBSD box without any
server daemons running connected, and a friend of mine with a
win98 box without servers was actually cut off! So you can be sure
these machines were not infected. But with such imprecise laws
people are not likely to take this to court.
BUT: If I correctly understood the technology behind the system, all
you do is to keep hold of the attacker. If his system crashes it is
because of a badly implemented TCP/IP stack. I would see this like someone
wants to send you a fax to your (voice) telephone line and you pick
up the phone, and do not hang up anymore. He has to pay the
telephone cost. And I do not think there are laws that prohibit that.
Simplified, the program says: "Hi, I am here, please send only very
small packets" and then does not answer anymore until his TCP/IP
stack times out or crashes (whatever happens first).
mike
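
The "keep hold" behaviour described in the message above, as an added example that is not part of the original post or of the program it discusses. It is a userspace approximation: the kernel completes the TCP handshake, a small receive buffer stands in for the "send only very small packets" announcement, and the listener never reads or answers. The function names, the loopback address and the test client are assumptions made for illustration.

```python
import socket
import threading

def start_tarpit(host="127.0.0.1", port=0, rcvbuf=1024):
    """Listen, accept every connection, then never read from or close it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # Set before listen() so accepted sockets inherit it: a tiny receive
    # buffer makes the kernel advertise a tiny TCP window to the peer.
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, rcvbuf)
    srv.bind((host, port))
    srv.listen(128)
    held = []  # keeping references keeps the accepted sockets open

    def accept_loop():
        while True:
            try:
                conn, _peer = srv.accept()
            except OSError:  # listener was closed
                return
            held.append(conn)  # no recv(), no send(), no close()

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, held

def bytes_until_stall(addr, chunk=512, timeout=1.0, limit=8 * 1024 * 1024):
    """Constructed test client: send until send() blocks for `timeout` s."""
    client = socket.create_connection(addr, timeout=timeout)
    client.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2048)
    sent, stalled = 0, False
    try:
        while sent < limit:
            sent += client.send(b"A" * chunk)
    except socket.timeout:
        stalled = True  # receive window closed; the listener is holding us
    finally:
        client.close()
    return sent, stalled

if __name__ == "__main__":
    srv, held = start_tarpit()
    print(bytes_until_stall(srv.getsockname()))
    srv.close()
```

A client with a sane TCP/IP stack simply times out, as the constructed client here does after one second.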