Re: ethics of listing proxy service

From: David Zanetti <dave@dont-contact.us>
Date: Fri, 15 Jan 1999 09:51:49 +1300 (NZDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[To state what position I'm comming from, I both work for an ISP, and a
number of external client which I've setup with squid boxes..]

On Wed, 13 Jan 1999, Andrew Daviel wrote:
> On this list is a certain company
> which doesn't wish to be on it, running an open proxy (didn't have
> ACL, does now I think).
>
> What do people think of the ethics of publishing apparantly public
> services on well-known ports? I thought it might be compared to
> a search engine testing port 80, but my correspondant thinks it's more
> like testing port 25 for mail relay. I think it's rude; he thinks it's
> abuse.

If Company X has a reachable machine with services they don't want
publically used, then they should take all reasonable steps to ensure it
isn't publically used. If they are incapable of doing that, or believe
that people shouldn't probe etc, they shouldn't be managing anything
connected to the Internet. The reality is, people _will_ probe, people
_will_ abuse. It's sad but it's true.

That said, the listing service _should_ have notified any site it found
and asked if they wished to be listed. It's a simple thing to do, and
it'll give them a lot more repsect than blind-listing. Otherwise, as you
say, it smacks a little of providing a list of abusable hosts.

The Internet is a hostile network now, treat it as such. Firewall to hell
and back, and be paranoid. At least, that's my 2c.

[Usual disclaimers apply, these are my own words, they don't represent the
opinion/viewpoint of my employers, IANAL, YMMV etc etc]

.------.------------------------------------------.----------------------.
| (__) | David Zanetti <dave@lynx.co.nz> | Support/Helpdesk: |
| ( oo | Systems Adminstrator, Lynx Internet Ltd. | (03) 379 0568 |
| /\_| | Moderator, nz.politics.announce | <support@lynx.co.nz> |
`------^------------------------------------------^----------------------'
   WARNING: Messages sent as HTML will be dropped without being read!!

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQA/AwUBNp5Y57qyf8yLySj0EQLKvACgxpwnBWaPCIX14+RMg0yGFtzhI7YAoNIS
DE4AvQssiW4hy3cX6cx9nRsS
=cp43
-----END PGP SIGNATURE-----
Received on Thu Jan 14 1999 - 13:44:19 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:02 MST