Dynamic IP log retention = 0?

Glen Turner gdt at gdt.id.au
Wed Mar 11 14:56:25 CDT 2009


William Allen Simpson wrote:

> Port scanning is rather common, and shouldn't be considered "attacking" --
> unless it's taking a significant amount of bandwidth.

Attempting to gain unauthorised access to a computing system is a crime in
most countries. Port scanning is a tool used to gain unauthorised access.
(Yes, port scanning can be used for other things, but it's difficult to
argue for those when scanning someone else's machines.)

A telecommunications carrier releasing a customer's details without their
permission, to a non-investigatory third party, without a court order.
Hmmm. It's certainly illegal here in Australia. And last I checked wasn't
the US firm Hewlett Packard in trouble for hiring people to do just that?

So your basic problem is that you have a law enforcement problem, and
the law enforcers don't give this priority. Which leads to one of those
vicious circle thingies, where the ISPs don't give a stuff about their
customers running scans, since they aren't seeing any hassle from Mr Plod,
those customers aren't seeing any consequences, and so the amount of scanning
increases, to the extent where people believe it is normal and acceptable.

Why not contact the FBI. Not because it will help. But because if even 1%
of the libraries in the country do that then the FBI will take the path of
least resistance, which is to hassle ISPs with enough warrants until the
ISPs find it economic to clean up their act, at least with regard to their
own customers.

-- 
  Glen Turner   <http://www.gdt.id.au/~gdt/>




More information about the NANOG mailing list