Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] sysadmin ethics after security breach
  • From: Martin Leweling <lewelin@xxxxxxxxxxxxxxx>
  • Date: Thu, 24 Jan 2002 16:57:17 +0100
  • Message-id: <20020124155714.3A50C100F@xxxxxxxxxxxxxxxxxxxxxxxx>

On Thursday 24 January 2002 14:30, Matt Hubbard wrote:
> List,
> Assuming you can positively identify the origin of a successful crack
> (and that's a big assumption considering drones, spoofing, etc.) what
> does the community of sysadmins think about vigilante justice?

Bad Thing.

> Should we
> just counter-strike if there is no legal recourse?

No. That's a criminal offence. There's not even a grey area here, it's
either black or white.

> As a young sysadmin, I am looking for a moral principle. Responding in a
> legal manner is what
> distinguishes us from the cracker, right?

Though it may sound boring, yes.

> Still, I get very angry just
> thinking about the possibility of a successful attack on one of my
> systems. Any thoughts?

If you have waterproof evidence (i.e. you did not tamper with it during your
investigations), contact law enforcement authorities. Otherwise, get over it.

> Apologies if this seems off topic - but I am
> studying many of the popular attacks and as a result I am in the
> difficult position of knowing how to use them (as well as defend against
> them).

Good for you, as long as you obey (and don't place your own
home-brewn "moral principles" above) the law. The Wild West is history,
at least in modern western civilizations (<digress> or one should think so ...
mumblemumble ... Guantanamo ... Woomera ....</digress>).

> Matt Hubbard

Martin Leweling
Martin Leweling
Institut fuer Planetologie, WWU Muenster
Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany
Tel.: +49-251-83-33557 Fax: +49-251-83-39083
E-Mail (work): lewelin@xxxxxxxxxxxxxxx

< Previous Next >
Follow Ups