[Gllug] Code Red Strikeback
Tom Gilbert
tom at linuxbrit.co.uk
Sat Aug 11 12:27:13 UTC 2001
* Alex Hudson (home at alexhudson.com) wrote:
> On Sat, Aug 11, 2001 at 01:21:20PM +0200, Stig Brautaset wrote:
> > There was a big argument on the debian-user-list about this; many people
> > argued that even just popping a message to the user saying that his/hers
> > machine was infected would be illegal -- but then again, I guess the
> > majority of the people on that list is from the US...
>
> Doing anything to another's machine is illegal - comes under such terms as
> theft of service, etc. So even Tom's script to shutdown IIS is illegal.
> There have also been arguments that the act of CodeRed trying to gain access
> could be construed as illegal; but not on the part of the sysadmin - intent
> cannot be proven (three ingredients needed: you intend to gain access, you
> are not authorised to have access, you know you're not authorised - Computer
> Misuse Act).
It is totally illegal. I want to be quite clear on that - I don't
condone anyone using the script I currently use to shut down IIS.
I am _relying_ on them being happy that I stopped their root-scripted
IIS server and therefore stopped kidiots from formating their drives,
stealing their data or destroying their machine. I am also annoyed
enough with this situation to try and do something about it.
But be in no doubt that anything you do to a machine through a back door
someone else installed could get you into a lot of trouble.
Tom.
--
.^. .-------------------------------------------------------.
/V\ | Tom Gilbert, London, England | http://linuxbrit.co.uk |
/( )\ | Open Source/UNIX consultant | tom at linuxbrit.co.uk |
^^-^^ `-------------------------------------------------------'
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list