Originally posted here by MsMittens
What if it you were attacked by someone but they spoofed the IP? So you go after the wrong victim. They in turn sue your ass. And then there's the intermediatary parties. Like ISPs, who generally in their AUPs don't like this kind of stuff. Lawsuit for breach of contract?
Clearly, the law wouldn't help you if you had no clue what you were doing. In your example I would expect someone to take the time to ensure that a proper connection was being made, (3 way handshake), which would confirm that the machine connected is the attacking machine, (regardless of whether it is the owner doing the attacking), and therefore is the nuisance machine. The course of action you would then take would be entirely dependant upon the circumstances and skill level of the attacked person. For example a hijacked cable subscriber, (easy to tell from the DNS and a quick scan), may be able to be remotely shut down..... No harm done... nuisance abated.... Same applies to a lot of web sites that get Nimda'ed or Code Red'ed and there are plenty of those clogging up my IDS logs daily... they could be restarted or even patched since clearly the damned admin could care less about the problem..... It's been advertized for a year now and nothing has been done.