On Tue, Sep 25, 2001 at 07:30:18PM +0100, David Murphy wrote:
> Quoting <3BB0CC2C.9040607 at esatclear.ie>
> by Paul Kelly <longword at esatclear.ie>:
> > How can it be illegal? They requested the machine deinstallation
> > program from your web server. And you've got the Apache logs to
> > prove it.
> I don't believe "They asked for it" will stand up in court.
Probably right. Much better to format their drives so all
trace of your activity is removed. Dead boxes tell no tales.
Use https if it's there to lessen the likelihood of IDSes (*)
noticing.
Thought - services on ports traditionally have warnings about who
can connect: telnet and ftp for example. What would the implications
of an HTTP X- header to the effect that "unauthorised personse should
disconnect and never reconnect; if you're not sure if you're authorised
then you are not." ...? Where might one put such a banner?
Tongue-ily in cheek,
Wesley.
(*) Although the idea that somebody with nimda or code-red on their
network might have an IDS (or other source of reasonably tamper-
proof logs) beggars belief! :-)
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
