Loading ...
Sorry, an error occurred while loading the content.
 

Re: OT: ethics

Expand Messages
  • Brian Mathis
    In general this is a bad idea and you should stop doing it immediately. In the best case it would be seen by the other side as an attack on them from you. In
    Message 1 of 6 , Jul 1, 2009
      In general this is a bad idea and you should stop doing it
      immediately. In the best case it would be seen by the other side as
      an attack on them from you. In the worst case they might retaliate
      even more against you with some other kind of attack. Considering
      that over 80% of spam is now sent by botnets
      (http://arstechnica.com/security/news/2009/06/report-botnets-send-over-80-of-all-spam-in-june.ars),
      you'd be scanning infected machines and not learning anything about
      anyone other than a home user's ISP, and risking that ISP from
      reporting YOU as an attacker to your ISP.

      The best thing you could do (and even this will have marginal success)
      is to report the IP to the ISP that owns the address you received the
      spam from. They might be able to take that system offline.

      Otherwise, just block the suckers and move on. You probably have
      better things to do with your time.

      On Wed, Jul 1, 2009 at 3:37 PM, ghe<ghe@...> wrote:
      > Wietse says something like "Spam is war -- RFCs don't apply." OK, but how
      > about nmap ethics?
      >
      > I've started hitting spam IPs and their nets with nmap to find out who they
      > are and maybe a little of what they're up to (and using the info to decide
      > if the net belongs in my packet filter). What's the opinion of the list? Is
      > this OK, or just plain rude?
      >
      > --
      > Glenn English
      > ghe@...
      >
      >
    • ghe
      ... Good point, well taken. Thank you all. -- Glenn English ghe@slsware.com
      Message 2 of 6 , Jul 1, 2009
        On 7/1/09 1:49 PM, Brian Mathis wrote:

        > Otherwise, just block the suckers and move on. You probably have
        > better things to do with your time.

        Good point, well taken. Thank you all.

        --
        Glenn English
        ghe@...
      • Benny Pedersen
        ... http://www.spamhaus.org/drop/index.lasso drop this in firewall and let fail2ban do the rest -- xpoint
        Message 3 of 6 , Jul 5, 2009
          On Wed, July 1, 2009 22:01, ghe wrote:
          > Good point, well taken. Thank you all.

          http://www.spamhaus.org/drop/index.lasso drop this in firewall

          and let fail2ban do the rest

          --
          xpoint
        Your message has been successfully submitted and would be delivered to recipients shortly.