Originally posted here by Viperbite
In my opinion "helping them" is wrong. Its just like going to someones house and breaking in non destructivly then telling them how you got in there or just breaking in to learn about lock picking.</QUOTE>

Actually, it's more like finding the door to your neighbor's house standing wide open, with the keys still in the lock. I don't have to break into other people's computers to learn, but I will never own as many systems as are available on the internet. Does this mean that I launch attacks against random hosts with wild abandon? Absolutely not! But if I notice that my ISP is running an unpatched copy of ProFTPD, I'll tell them about it.

And tell them. And tell them again.

The problem here involves tape monkeys and SysAdmins who have a platefull of issues before I dragged my sorry-ass along with this eensy teensy vulnerability in a service that has worked quite well for the past 2 years, Thank-You-Very-Much. The last thing the IT department needs is some project to get done before midnight. Now I could shrug my shoulders and say &quot;Oh well, not my problem.&quot; But I'd be wrong. It's my ISP, and it's a service I use, and it damn well IS my problem. Could I complain? Yes, but that's just pointing fingers and not getting the job done. I could fix the problem myself, but loading new software on a system would invariably cause more havoc when it's discovered that some script will not run, or the host keeps crashing, and honestly, I just don't know enough about the network to be able to make that kind of decision.

The question here is, how do I make it apparent to the people who need to know that there is a problem. I've found that the quickest way to do this is send a message from root to root, stating the problem, and also giving information on a solution. This is white hat. This is what I practice. Any system, service, or network I use needs to be secure. I want to be able to trust this ISP, or that email server. And honestly, when my DSL router gets shipped to me with out a login or password set, I get anxious.

<QUOTE>Oh yea by the way 2600 is full of hacker idiology and propaganda. Just look at how they talk about Kevin Mitnick and everything as if he wasnt guilty read it with a open mind approach and you'll see its all propaganda.
Anything written is propoganda. The menu at your local favorite restraunt is propoganda. It entices you to BUY MORE. They have an agenda. The local daily newspaper has their own agenda. I have an agenda. By writing this reply, I want to sway your opinion. Same as the message originally asked of this group.

Don't decry propoganda until you understand how it works and permeates our society.