discussing third party's security
uh, heavy to find a good subject for this thread...
however...i will try carefully speaking about.
let's say,
you found an IP in your logfiles too many times,
portscanning your host, trying passwords and so on.
what would you do ?
yes, you would say:
"Let us have a look on it !"
"What ports are open there?"
let's say,
you scanned the host and the only thing you found compromisable
is an anonymous ftp server.
you would login to see what's going on there, wouldn't you?
but, and that's my question,
what would YOU do if you'd found a way related to the stored files there
to gain administrative rights on that host ?
would you tell the admin there how to compromise his machine ?
maybe the machine is being used for bad things by UNKNOWN,
the admin could say that YOU have done all that **** there...!?
please tell me what you think about.
and, please please do not answer me like:
"send him your logs" (to show him his machine is going deep into abuse)
or something equal 'cos i was never in such a situation
and i was never ever there to try getting in.
thanks to you by treating it like never happened ...
stanger
Re: discussing third party's security
Quote:
Originally posted here by stanger
uh, heavy to find a good subject for this thread...
however...i will try carefully speaking about.
let's say,
you found an IP in your logfiles too many times,
portscanning your host, trying passwords and so on.
what would you do ?
Send an email to the abuse desk at the provider hosting that ip.
Quote:
yes, you would say:
"Let us have a look on it !"
"What ports are open there?"
let's say,
you scanned the host and the only thing you found compromisable
is an anonymous ftp server.
you would login to see what's going on there, wouldn't you?
but, and that's my question,
what would YOU do if you'd found a way related to the stored files there
to gain administrative rights on that host ?
would you tell the admin there how to compromise his machine ?
maybe the machine is being used for bad things by UNKNOWN,
the admin could say that YOU have done all that **** there...!?
You'll be walking on thin ice here. You DO run the risk of backfire.
Just tell them what you saw in YOUR logs and have them figure out what happened.