Possibly nefarious users
Brendan Kehoe
Here's a question: how do other people deal with users that they *think*
are doing no-nos around the net? One of our users had the habit of
occasionally going net-surfing and doing the hit-and-run type of
attempts (trying 'guest' usually), but I didn't have any real proof--only
through other people. (He tended to come on about 2 hours before I'd
get up to go to work.)
After a lil chat with him, he calmed down. (He's since dropped out. <cough>)
What do other places do?
Brendan
--
Brendan Kehoe - Widener Sun Network Manager - bre...@cs.widener.edu
Widener University in Chester, PA A Bloody Sun-Dec War Zone
Vanilla Ice == Richard VanWinkle .. hehe .. hohoho .. Hahahahahahahaha.
Dan Ehrlich
BK> Here's a question: how do other people deal with users that they *think*
BK> are doing no-nos around the net? One of our users had the habit of
BK> occasionally going net-surfing and doing the hit-and-run type of
BK> attempts (trying 'guest' usually), but I didn't have any real proof--only
BK> through other people. (He tended to come on about 2 hours before I'd
BK> get up to go to work.)
BK> After a lil chat with him, he calmed down. (He's since dropped out. <cough>)
BK> What do other places do?
As Penn State is still in the process of formulating an official policy this
is what we currently do in the Computer Science department. This is not
neccessarily the best approach, but it seems to work most of the time.
If we *think* that someone is engaging in abuses, either locally or
net-wide, as much information as possible is gathered and presented to the
department head. The department head will usually ask the individual to
drop by for a chat. If said individual does not heed the advise being
offered the department head will usually ask the we more closely monitor
unusual events of all kinds and gather more concrete eveidence of abuses.
With this information in hand a second meeting will usually get things under
control. If this does not work the department head always has the option of
refering the incident(s) to the Office of Student Conduct Standards.
Once Penn State's policy is formalized I will be posting a copy to this news
group.
--
Dan Ehrlich - Sr. Systems Programmer - Penn State Computer Science
<ehr...@cs.psu.edu>/Voice: +1 814 863 1142/FAX: +1 814 865 3176
Ron Newman
>are doing no-nos around the net? One of our users had the habit of
>occasionally going net-surfing and doing the hit-and-run type of
>attempts (trying 'guest' usually), but I didn't have any real proof--only
This is a no-no? This is how many people I know first became
acquainted with the Arpanet (as it was called back then). If someone
has a 'guest' account it seems like this is an invitation for the
outside world to look around; not much different from 'anonymous' ftp.
(I like that term, 'net-surfing'. I'll have to pass it on to a
friend of mine who first discovered the network while attending
the University of California at Santa Barbara!)
/Ron Newman rne...@bbn.com
Matthew J. Harper
>In article <2D....@cs.widener.edu> bre...@cs.widener.edu (Brendan Kehoe) writes:
>>
>> Here's a question: how do other people deal with users that they *think*
>>are doing no-nos around the net? One of our users had the habit of
>>occasionally going net-surfing and doing the hit-and-run type of
>>attempts (trying 'guest' usually), but I didn't have any real proof--only
>This is a no-no? This is how many people I know first became
>acquainted with the Arpanet (as it was called back then). If someone
>has a 'guest' account it seems like this is an invitation for the
>outside world to look around; not much different from 'anonymous' ftp.
This is indeed a no-no. Not a whole lot is being done about it legally at the
moment, but a few cases have come to trial and the accused have been found
guilty of actions such as this. (Randomly banging on machines to try and
gain access.)
Just because a guest account exists does not mean that it is there for all in
the world to log in and look around! Perhaps if we looked at a different
situation from the same outlook:
If you leave your car unlocked with the keys in the ignition, does this give
anyone who walks by the right to take it for a spin? Even if they return it
where they found it, nobody saw them do it, and there is really no proof that
they were there?
I think anyone would be pretty pissed if this happened.
Is there really a difference?
Matth
--
Matthew J. Harper UUCP: mit-eddie!progress!matth
Progress Software Corp. Internet: ma...@progress.com
5 Oak Park Disclaimer: My words & ideas, That's all.
Bedford, MA 01730
GaRY NEweLl
> This is indeed a no-no. Not a whole lot is being done about it legally at the
> moment, but a few cases have come to trial and the accused have been found
> guilty of actions such as this. (Randomly banging on machines to try and
> gain access.)
Could you point me towards some of these cases - I find it hard to believe
that the only thing the accused did was try to log into a machine - I
assume that there was some form of damage no?
Matthew T. Russotto
>
>Just because a guest account exists does not mean that it is there for all in
>the world to log in and look around! Perhaps if we looked at a different
>situation from the same outlook:
>
> If you leave your car unlocked with the keys in the ignition, does this give
>anyone who walks by the right to take it for a spin? Even if they return it
>where they found it, nobody saw them do it, and there is really no proof that
>they were there?
>
> I think anyone would be pretty pissed if this happened.
>
> Is there really a difference?
Is there really a similarity? I see a guest account as an invitation.
Oh, and if you made a habit of leaving your car unlocked with the keys in the
ignition, and people came by and took it for a spin now and then, I suspect
the cops would just laugh at you for being such an idiot if you tried to
prosecute them.
--
Matthew T. Russotto russ...@eng.umd.edu russ...@wam.umd.edu
.sig under construction, like the rest of this campus.
Adrian J Ho
>This is indeed a no-no. Not a whole lot is being done about it legally at the
>moment, but a few cases have come to trial and the accused have been found
>guilty of actions such as this. (Randomly banging on machines to try and
>gain access.)
How did they go about doing it? By trying for "guest" accounts, or
sneakier means (password cracking, system bugs, etc.)? I'd say
there's a _big_ difference -- in the latter case, you're trying to
gain access *where no such access was ever provided for you in the
first place.*
If the perpetrators you refer to gained access via "guest" accounts,
I'd bet that they're on trial for _misuse_ of the account (eg.
password cracking), *not* unauthorized access.
IMHO, unless a "guest" account user is notified somehow (eg.
/etc/motd) that "this account is _only_ for use by faculty in Uni. of
X", you don't have a case against anyone outside the U. using the same
account, since the scope of "legal use" was not made known to him/her.
>Just because a guest account exists does not mean that it is there for all in
>the world to log in and look around!
Perhaps, but _why_ do you have a guest account on your machine to
begin with, knowing full well that the world _can_ log in and look
around? Aren't you concerned with system security?
> Perhaps if we looked at a different
>situation from the same outlook:
[ car-with-key-in-ignition analogy deleted]
> I think anyone would be pretty pissed if this happened.
Sure they would, but why did they leave their cars unlocked with the
keys in the ignition to begin with?
> Is there really a difference?
Yeah, leaving your key in the ignition might be an honest mistake. I
don't see creating a "guest" account as an honest mistake (if it was,
you're not much of a sysadmin, are you?)
Also, the car has an owner, and anyone . Who owns a guest account?
[Now you know why I hate analogies. They almost never completely
describe the situation at hand.]
>Matth
To answer the original posting: Brendan, if I suspected one of the
users on our cluster of doing "no-no"s on the net, I'd ask him/her if
s/he has been doing such a thing. Even if the person is guilty and
denies it, my question may give him/her the impression that you're on
to the, er, "proceedings", which may very well be enough to halt the
casual net-surfer.
I'd also watch out for any abnormal activity on the system (the nature
of such activity would of course depend on what you suspect the
perpetrator to be up to).
Dave Alden
>Oh, and if you made a habit of leaving your car unlocked with the keys in the
>ignition, and people came by and took it for a spin now and then, I suspect
>the cops would just laugh at you for being such an idiot if you tried to
>prosecute them.
At first I thought you were kidding, but then I read your other posts and I
realized that you just don't have a clue. Rather than waste bandwidth I'll
just point those with a similar opinion to the Internet worm case with Robert
Morris(sp?) - he tried a similar line of reasoning and lost in court.
...dave
John Pierce
>
> Here's a question: how do other people deal with users that they *think*
> with him, he calmed down....
Well, if talking to them about what you *think* they're doing is sufficient,
then there's no problem... If it turns out not to be....
One of the things one could do is hack things a little so one could turn
session recording on/off for uids/gids of one's choosing. If one were to
turn recording on, one would probably also quit throwing away accounting
records... just save them someplace convenient. If one got assurance that
one's suspicions had been correct, one might then go back through the
official accounting records. One probably couldn't get *proof* from those,
but one could generally find enough stuff to strongly implicate that the
suspect was in fact being a bad guy. That could possibly be used to convince
them to listen a little more closely to the word "stop".
Of course, if one did that, it probably be a violation of the offender's
right to Privacy and right to Due Process; and I personally would find such
action morally repugnant; and the leadership of the Chemistry Department
would certainly never condone such actions; and I strongly suspect that it
would violate University Policy; and it would clearly violate the God-Given
right of schmuck undergrads to break into and trash other people's accounts
without punishment; and it would seriously damage the well-known article of
the Constitution that allows jerk grad students to with impunity use a
computer to sexually harass new workers in their labs.
Brian Kantor
attempt - but then, you see, I've been arpanauting since about 1971,
when just about every system on the net HAD a guest account. Most don't
nowadays, but it's no harm to ask. Think of it as ringing the doorbell.
Trying anything else might be cause for concern. But "guest"? Naw,
that's ok.
BTW, UCSD hasn't got any guest accounts. But if you try to log on as
guest, you'll politely be told that, then disconnected. According to
our logs, two or three people a day do precisely that, and most of
them don't try anything further. They're happy and so am I.
- Brian
John Otto
>Ron Newman <rne...@bbn.com> writes:
>>In article <2D....@cs.widener.edu> bre...@cs.widener.edu (Brendan Kehoe) writes:
>>> Here's a question: how do other people deal with users that they *think*
>>>are doing no-nos around the net? One of our users had the habit of
>>>occasionally going net-surfing and doing the hit-and-run type of
>>>attempts (trying 'guest' usually), but I didn't have any real proof--only
>>This is a no-no? This is how many people I know first became
>This is indeed a no-no. Not a whole lot is being done about it legally at the
>moment, but a few cases have come to trial and the accused have been found
>guilty of actions such as this. (Randomly banging on machines to try and
>gain access.)
>Just because a guest account exists does not mean that it is there for all in
>the world to log in and look around! Perhaps if we looked at a different
>situation from the same outlook:
> If you leave your car unlocked with the keys in the ignition, does this give
>anyone who walks by the right to take it for a spin? Even if they return it
>where they found it, nobody saw them do it, and there is really no proof that
>they were there?
Mostly I'd be thinking how stupid I was to leave it that way. If you leave
your systems unlocked; you deserve to have people access them.
Dean Brooks
>In article <1991Jun7....@progress.com> ma...@progress.COM (Matthew J. Harper) writes:
>>
>>Just because a guest account exists does not mean that it is there for all in
>>the world to log in and look around! Perhaps if we looked at a different
>>situation from the same outlook:
>>
>> If you leave your car unlocked with the keys in the ignition, does this give
>>anyone who walks by the right to take it for a spin? Even if they return it
>>where they found it, nobody saw them do it, and there is really no proof that
>>they were there?
>>
>> I think anyone would be pretty pissed if this happened.
>>
>> Is there really a difference?
>Is there really a similarity? I see a guest account as an invitation.
Of course there is. That is the current problem; many people see a
guest account as an invitation. Simply because there is an account
named with the letters "g", "u", "e", "s", "t" or "d", "e", "m", "o"
that doesnt necessarily have a password, does *NOT* mean that it is
legal for you to access the account.
However, as you point out, a guest/demo account w/out a password is
a very stupid idea.
>Oh, and if you made a habit of leaving your car unlocked with the keys in the
>ignition, and people came by and took it for a spin now and then, I suspect
>the cops would just laugh at you for being such an idiot if you tried to
>prosecute them.
That doesn't change the fact that it would be illegal.
--
de...@coplex.uucp (Dean Brooks)
Copper Electronics, Inc.
Louisville, Kentucky
Per Abrahamsen
>>>>> On 8 Jun 91 15:52:49 GMT, de...@coplex.uucp (Dean Brooks) said:
Dean> Of course there is. That is the current problem; many people see a
Dean> guest account as an invitation. Simply because there is an account
Dean> named with the letters "g", "u", "e", "s", "t" or "d", "e", "m", "o"
Dean> that doesnt necessarily have a password, does *NOT* mean that it is
Dean> legal for you to access the account.
How about a ftp account named "anonymous"? Is that an invitation?
What would you name an login account anyone could use?
FSF used to have a guest acoount which everybody was allowed to use.
It was named "guest". Was that a bad name choice?
(predictably, someone chose to misuse the account, it has been closed now)
Jon Allen Boone
> moment, but a few cases have come to trial and the accused have been found
> guilty of actions such as this. (Randomly banging on machines to try and
> gain access.)
These cases, I would assume, are mainly people who were trying to
access machines without guest accounts and a password of guest. (isn't
that the standard?) In the case of user: guest passwd: guest, I'd say
that the access was pretty much up to whomever wanted to use it. Now
if they had a user: guest and password setup to specifically limit
access, then that would be more in line with the trials I imagine you
describing.
> Just because a guest account exists does not mean that it is there for all in
> the world to log in and look around! Perhaps if we looked at a different
> situation from the same outlook:
Depends - see above.
> If you leave your car unlocked with the keys in the ignition, does this give
> anyone who walks by the right to take it for a spin? Even if they return it
> where they found it, nobody saw them do it, and there is really no proof that
> they were there?
>
> I think anyone would be pretty pissed if this happened.
>
> Is there really a difference?
Yes. By using your car, they are preventing you from doing the
same. By using your guest account, however, they, in most situations,
will not be depriving you of resources. Also, they may well damage
your car by driving (a well-built, quality car still has the
possiblity of the user breaking it); your guest account, if correctly
installed, would not have the ability to damage the system. These
seem like two important distinctions to me.
----------------------------------|++++++++++++++++++++++++++++++++++++++++
| "He divines remedies against injuries; | "Words are drugs." |
| he knows how to turn serious accidents | -Antero Alli |
| to his own advantage; whatever does not | |
| kill him makes him stronger." | "Culture is for bacteria." |
| - Friedrich Nietzsche | - Christopher Hyatt |
-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Leonard Erickson
>IMHO, unless a "guest" account user is notified somehow (eg.
>/etc/motd) that "this account is _only_ for use by faculty in Uni. of
>X", you don't have a case against anyone outside the U. using the same
>account, since the scope of "legal use" was not made known to him/her.
No. The law is exactly the opposite. Unless *you* know that the account
is for general access, you do not have the right to use it. There are
legitmate reasons for having a "guest" account (with no password) on a
system. But just as with an unlocked door, *you* are not the person
it was left unlocked for.
--
Leonard Erickson leo...@qiclab.uucp
personal: CIS: [70465,203] 7046...@compuserve.com
business: CIS: [76376,1107] 76376...@compuserve.com
Leonard Erickson
> Yes. By using your car, they are preventing you from doing the
>same. By using your guest account, however, they, in most situations,
>will not be depriving you of resources. Also, they may well damage
>your car by driving (a well-built, quality car still has the
>possiblity of the user breaking it); your guest account, if correctly
>installed, would not have the ability to damage the system. These
>seem like two important distinctions to me.
Sorry, but it is *impossible* to use even a guest account and not be
using *some* system resources. A socket, if nothing else. More likely
one of a *limited* number of ports.
Finally, the *correct* moral standard is "it's not yours!", not "But I'm
not hurting anything." Property rights *do* exist in c-space.
Jon Allen Boone
> No. The law is exactly the opposite. Unless *you* know that the account
> is for general access, you do not have the right to use it. There are
> legitmate reasons for having a "guest" account (with no password) on a
> system. But just as with an unlocked door, *you* are not the person
> it was left unlocked for.
As I understand it, this isn't a discussion of what the law says.
Therefore, it should be regulated to where it belongs - in the law
books. Certainly that's the way it is currently - that doesn't mean
that it's the way it OUGHT to be, which, I understand, is what we're
discussing (as usual).
leo...@qiclab.scn.rain.com (Leonard Erickson) writes:
> Sorry, but it is *impossible* to use even a guest account and not be
> using *some* system resources. A socket, if nothing else. More likely
> one of a *limited* number of ports.
Perhaps on the systems you use - our the systems never have that
sort of a problem - we always have enough resources (such as sockets,
etc.) to allow someone to access them, if they want to. However, our
department has decided that it's too much of a security risk to allow
acccess via guest accounts or anonymous ftp. Now, if you eat up our
disk space, then people might get upset - more likely, the problem
would get forwarded to me and I'd kill your files. End of story.
> Finally, the *correct* moral standard is "it's not yours!", not "But I'm
> not hurting anything." Property rights *do* exist in c-space.
Actually, the *correct* moral standard isn't "it's not yours!" -
that's silly. Property rights *SHOULDN'T* exist in c-space. It's
incredibly dumb to take up sectors and sectors of disk space just
because you can - if we had a more open system, my files could exist
on any machine - they could be so well distributed that the resulting
drain on *ANY ONE PARTICULAR SYSTEM* would be negligible. Clearly,
the extension of property rights to cyber-space will result in a
less-than-optimal use of resources merely to satisfy stupid primate
instincts is those who have the $$$ to buy disks, ethernet
controllers, etc. BLECH!
Dave Hayes
>>IMHO, unless a "guest" account user is notified somehow (eg.
>>/etc/motd) that "this account is _only_ for use by faculty in Uni. of
>>X", you don't have a case against anyone outside the U. using the same
>>account, since the scope of "legal use" was not made known to him/her.
>No. The law is exactly the opposite. Unless *you* know that the account
>is for general access, you do not have the right to use it. There are
>legitmate reasons for having a "guest" account (with no password) on a
>system. But just as with an unlocked door, *you* are not the person
>it was left unlocked for.
Can you guys explain, then, the case where charges were dropped in an
unauthorized entry prosecution because the system said: "Welcome to..."?
--
Dave Hayes - Network & Communications Engineering - JPL / NASA - Pasadena CA
da...@elxr.jpl.nasa.gov da...@jato.jpl.nasa.gov ames!elroy!dxh
If your own vice happens to be the search for virtue,
recognize that it is so.
Ace Stewart
>This is indeed a no-no. Not a whole lot is being done about it legally at the
>moment, but a few cases have come to trial and the accused have been found
>guilty of actions such as this. (Randomly banging on machines to try and
>gain access.)
Wait a minute. If you have a userid GUEST on your system, _expect_
people all over the internet to try to use it. If you want a limited
group of people to use it, I suggest creating a userid of another
color (i.e. different than guest) Why? Because guest is a _standard_
on the Internet.
Now, if the user is banging on the machine in other accounts, or has
found out there is a guest account and beats on it using the normal
passwords and still refuses to stop after some time...well heck, let
the sysadmin know (please, lets not get back into sysadmin authority)
on the other end of the connection and leave it to them.
Or, stop allowing access from that site.
>Just because a guest account exists does not mean that it is there for all in
>the world to log in and look around! Perhaps if we looked at a different
>situation from the same outlook:
Well...why is it there then? Do you take-out users which try to use
anonymous FTP on your system, and if it doesn't have it, want to make
sure that they lose their account? The userid anonymous is a standard,
just like guest is. Whether or not the "Internet" started off with the
idea of this doesn't matter now. It's too late :)
> If you leave your car unlocked with the keys in the ignition, does this give
>anyone who walks by the right to take it for a spin? Even if they return it
>where they found it, nobody saw them do it, and there is really no proof that
>they were there?
What the heck is it with car analogies? If you leave your car unlocked
and with the keys in it, and it gets stolen...I bet you dimes to
donuts if you tell your insurance company that and try to get
insurance for your stolen car, they'll tell you you're out of your
mind and suggest buying a few Yugos if you want to do it again.
Were they there? Well, if no one saw them do it, how the hell do I
even know that anything was done that I should or should not be pissed
about? We're discussing things and making issues of things we're not
even sure happened!!!
--Ace
--
Ace Stewart | Affiliation: Eastman Kodak Company, Rochester, New York
jste...@rodan.acs.syr.edu jste...@sunrise.bitnet jste...@mothra.cns.syr.edu
jste...@sunspot.cns.syr.edu a...@suvm.bitnet rs...@suvm.bitnet
Ken Crater
>In article <1991Jun7....@progress.com> ma...@progress.COM (Matthew J. Harper) writes:
>>(Randomly banging on machines to try and gain access.)
>Wait a minute. If you have a userid GUEST on your system, _expect_
>people all over the internet to try to use it. If you want a limited
>group of people to use it, I suggest creating a userid of another
>color (i.e. different than guest) Why? Because guest is a _standard_
>on the Internet.
I'm with Ace on this one. The login "guest" has evolved into a
standard on the Internet signalling the intent to allow
(non-destructive) use by otherwise uninvited individuals, much
the same as anonymous ftp. Attempting once to log into a system
as "guest" hardly rates as "random banging", hanging around to
try every other login name you can think of *does* and crosses
the threshold of acceptable behavior rather dramatically.
The first implies acceding to the use of the system as intended
by the sysadmin, the latter implies an attempt to circumvent that
intention. To otherwise have a (non-passworded) userid "guest"
on your system is really dumb, something akin to leaving your
car unlocked, with the keys in it and a sign saying "please use
me" (sorry, couldn't resist continuing the car bit :-).
Seems to me that intent rules here. If a reasonable person would
judge that the intent of the sysadmin was to allow public access,
and acts in a responsible manner (with benign intent) in using
that access, I think you'd have a hard time making a *legal* case,
let alone a moral one, against such use.
--
** Ken Crater___________________...@control.com **
** Chair, Bylaws Committee | President **
** Industrial Computing Society | Control Technology Corporation **
John M. Blasik
>
>No. The law is exactly the opposite. Unless *you* know that the account
>is for general access, you do not have the right to use it. There are
What law?
and then da...@jato.jpl.nasa.gov writes:
>
>Can you guys explain, then, the case where charges were dropped in an
>unauthorized entry prosecution because the system said: "Welcome to..."?
Urban Legend.
-- john
Matthew T. Russotto
>adri...@barkley.berkeley.edu (Adrian J Ho) writes:
>
>
>>IMHO, unless a "guest" account user is notified somehow (eg.
>>/etc/motd) that "this account is _only_ for use by faculty in Uni. of
>>X", you don't have a case against anyone outside the U. using the same
>>account, since the scope of "legal use" was not made known to him/her.
>
>No. The law is exactly the opposite. Unless *you* know that the account
>is for general access, you do not have the right to use it. There are
>legitmate reasons for having a "guest" account (with no password) on a
>system. But just as with an unlocked door, *you* are not the person
>it was left unlocked for.
I don't suppose you can quote the law? (For computers, not for illegaly
entry of a residence. BTW, it isn't illegal to enter an unlocked commercial
office building....) Is it the Computer Fraud and Abuse Act of 198x (the
one Morris was convicted on?)
Matthew T. Russotto
Robert Morris Jr. (the Jr. IS significant) did a hell of a lot more than access
a dialup whose status (for restricted use or not) was unknown. What he did
was write a program which would exploit known BUGS in systems and access them--
and tie them up, though I'm told that was a bug in his program. The proper
analogy in this case is joyriding in all the Fiats I could find
if I knew that a well placed blow on a Fiat would open the door, and sticking
a screwdriver behind the dash would defeat the ignition lock.
Ranjan Bagchi
If we're agreeing that Morris' Worm was a Bad Thing, I'm still
going to resist going with saying that the holes in the OpSys were
just like leaving the door open in your car with keys in the ignition.
It wasn't. It was more like picking locks, which everyone knows can
work, but most people aren't going to devote the resources to go about
it. Granted, that Everybody knew about the holes which Morris took
advantage about it, but he did have to use at least a bit of
sophistication to use them, and that's where the difference is.
I really don't think there should be a whole lot of protection
for people who insist on being stupid and having publicly accessible
accounts called "guest".
--
--------------------------------------------------------------------------------
Ranjan Bagchi - asleep...... | v,i,j,k,l,s,a[99];
bag...@eecs.umich.edu | main() {
------------------------------- for(scanf("%d",&s);*a-s;v=a[j*=v]-a[i],k=i<s,j+=(v=j<s&&(!k&&!!printf(2+"\n\n%c"-(!l<<!j)," #Q"[l^v?(l^j)&1:2])&&++l||a[i]<s&&v&&v-i+j&&v+i-j))&&!(l%=s),v||(i==j?a[i+=k]=0:++a[i])>=s*k&&++a[--i]) ;
} /* Osovlanski and Nissenbaum */
--------------------------------------------------------------------------------
Ace Stewart
>Robert Morris Jr. (the Jr. IS significant) did a hell of a lot more
>than access a dialup whose status (for restricted use or not) was
>unknown. What he did was write a program which would exploit known
>was a bug in his program.
I offer the following information and opinion tentatively, but feel it
worthwhile considering. Folx, _someone_ was bound to do this, be
thankful a bug in the program allowed thousands of systems admins to
fix their machines to correct the leaks.
R. Morris, Jr. is being viewed as a bad guy, and depending on your
view of things, he is _all_ bad. Please remember that were he a
different person, a whole other load of things could've happened to
systems that didn't and quite frankly, I can imagine sites that would
still be recovering from the disaster even up to and including today.
And, for all of that, he'll probably get a very good job. :}
David H. Thornley
>Oh, and if you made a habit of leaving your car unlocked with the keys in the
>ignition, and people came by and took it for a spin now and then, I suspect
>the cops would just laugh at you for being such an idiot if you tried to
>prosecute them.
Actually, they probably would laugh at you for an idiot, but they'd also
be of some assistance. They would accept the report and let you know if
your car turned up. Your insurance company will be equally sympathetic
and a lot less helpful.
DHT
Charles H. Buchholtz
>ignition, and people came by and took it for a spin now and then, I suspect
>the cops would just laugh at you for being such an idiot if you tried to
>prosecute them.
I know people who *always* leave their car unlocked with the keys in
it. What if one of the kids has an accident, and the baby-sitter's
car won't start? Of course, this is in rural Kansas, where the chance
of your car being stolen is much less than in urban Philadelphia.
There are neighborhoods where people don't lock their cars, bikes,
houses, or anything. And the people there would get pretty pissed if
you started "borrowing" their cars and bikes or breaking in to their
homes. "Used to be, this was a good neighborhood, you could trust
people."
Suppose you're walking down the street, and it started raining very
hard. Would you try a door, and if it was unlocked, go in out of the
rain? Does it make a difference if the building was a private home, a
church, or a fast-food restaurant? How do you tell a private home
from a church or a restaurant?
There is no simple rule about access to unlocked resources. We learn
a set of cues which tell us what's appropriate and what isn't. In the
Internet community, these standards are forming and are not completely
understood. In a sense, we're discussing whether we want to live in
rural Kansas or urban Philadelphia.
So, when Anne walks uninvited into Bob's home, are you going to tell
Anne that she should respect people's privacy, or tell Bob that he was
stupid for not locking his house? Or mind your own business? What
sort of community do you want to live in?
I am posting as an individual, not as a representative of U. of P.
Charles H. Buchholtz ch...@eniac.seas.upenn.edu
Systems Programmer School of Engineering
University of Pennsylvania.
--
Charles H. Buchholtz ch...@ee.upenn.edu
Systems Programmer (215) 898-2284
Department of Electrical Engineering 200 S. 33rd St, rm 328
University of Pennsylvania Philadelphia, PA 19104
Matthew T. Russotto
The analogy was with joyriding, with the car always returned, not with theft.
Adrian J Ho
> Nothing stupid at all about having publically accessible guest accounts.
Read on.
>If you have a guest account, you expect guests to use it. That's why it's
>called a "guest" account. Much like having an anonymous FTP set up, you
>have it there for people to use it.
Shouldn't you know who your "guests" are? If so, why not create
(temporary) accounts for them outright, instead of mucking around with
a single account named "guest" that's just _asking_ to be messed with?
The analogy with anonymous FTP breaks down when you consider that in
the latter, your capabilities are strictly circumscribed by the FTP
protocol, whereas with a "guest" account, the sky's the limit, once
the user has circumvented any roadblocks you've thrown in his/her way.
>But if you make the point that you don't want people hacking on this account
>and that there isn't much on the machine that's worthwhile, you shouldn't
>have a problem.
Not true. Ever heard of "distributed password-cracking"? Access to
your machine itself is a valuable resource to a sufficiently
enlightened user, especially since distributed processing is all the
rage now, in more ways than one.....
> That's not to say that you don't keep a good eye on what's
>going on there to make sure that there aren't any problems, but that's what
>system administration is all about, folks.
Well, there's enough problems to worry about without leaving my back
door wide open, so I'll pass on "guest" accounts, thank you.
Joel Plutchak
|In article <1991Jun14.0...@cs.umn.edu> thor...@cs.umn.edu (David H. Thornley) writes:
||In article <1991Jun7.1...@eng.umd.edu> russ...@eng.umd.edu (Matthew T. Russotto) writes:
|||Oh, and if you made a habit of leaving your car unlocked with the keys in the
|||ignition, and people came by and took it for a spin now and then, I suspect
|||the cops would just laugh at you for being such an idiot if you tried to
|||prosecute them.
||Actually, they probably would laugh at you for an idiot, but they'd also
||be of some assistance. They would accept the report and let you know if
||your car turned up. Your insurance company will be equally sympathetic
||and a lot less helpful.
|The analogy was with joyriding, with the car always returned, not with theft.
Joyriding uses non-recoverable resources (gasoline, to name the most
obvious), and thus has theft as a component. Even were the perpetrators
to fill up my tank for me before returning the auto, it would still be
illegal and still be their crime, not mine (and still piss me off).
--
Joel Plutchak, Research Programmer/Analyst
Brown University Planetary Geology
Unix: plut...@porter.geo.brown.edu
VMS: plut...@pggipl.geo.brown.edu -or- PGGIPL::PLUTCHAK (VMS: Just say NO!)
Piercarlo Grandi
[ ... on the analogy about a networked computer with a
passwordless guest account being like an unlocked house where
you cannot enter anyhow ... ]
chip> There is no simple rule about access to unlocked resources. We learn
chip> a set of cues which tell us what's appropriate and what isn't.
But there are different cathegories of unlocked resources. Some unlocked
resources are meant to be enjoyed by the public.
chip> In the Internet community, these standards are forming and are not
chip> completely understood. In a sense, we're discussing whether we
chip> want to live in rural Kansas or urban Philadelphia.
Yes and no. Whether locked or unlocked, whether in Kansas or
Philadelphia, a private house can only be legally entered with
permission or in a few other cases.
But we have yet to decide that a computer on the internet is a private
house rather than a supermarket or an office building or a library. To
me Internet machines are service providers, they are not private homes.
If I see an interesting bookshop I don't have, as a rule, to ask
permission to enter and have a look around.
Normally when you walk along a street you know which are private homes
and which are shops you may enter to browse in. On the Internet you have
no visual cues; a passwordless account called 'guest' or 'anonymous' is
an invitation to browse, I would surmise. If that's not the case, I
wonder what would a cue be that the system welcomes the public.
Now question time: if all Internet hosts, including those that have
accounts called 'guest' and 'anonymous' without a password, are to be
presumed private systems, should we get a registered mail letter giving
explicit access permission from any FTP server before attempting to use?
Because surely unless somebody is explicitly authorized in writing,
attempt to use that computer is trespass.
--
Piercarlo Grandi | ARPA: pcg%uk.ac...@nsfnet-relay.ac.uk
Dept of CS, UCW Aberystwyth | UUCP: ...!mcsun!ukc!aber-cs!pcg
Penglais, Aberystwyth SY23 3BZ, UK | INET: p...@aber.ac.uk
Charles H. Buchholtz
>
>Normally when you walk along a street you know which are private homes
>and which are shops you may enter to browse in. On the Internet you have
>no visual cues; a passwordless account called 'guest' or 'anonymous' is
>an invitation to browse, I would surmise. If that's not the case, I
>wonder what would a cue be that the system welcomes the public.
>
>Now question time: if all Internet hosts, including those that have
>accounts called 'guest' and 'anonymous' without a password, are to be
>presumed private systems, should we get a registered mail letter giving
>explicit access permission from any FTP server before attempting to use?
>
>Because surely unless somebody is explicitly authorized in writing,
>attempt to use that computer is trespass.
Where did "in writing" come from?
When I walk down a street, I look at the advertisements (signs,
displays, etc) on each building. If I see a sign saying, "Merit
Bookstore", I may walk up and try the door, to see if they are open.
If a building next to that has no signs on it, I won't try the door to
see if maybe it's open and maybe it's a bookstore.
If someone puts a big sign on their home saying, "We buy an sell used
books", and then leaves the door unlocked, I think I would be excused
for walking in thinking it was a bookstore.
If Archie tells me that foo.bar.edu is the anonymous FTP source for
wonderwidget, then I assume that this is a public service. If someone
writes to comp.sys.sun and says that all the Sun patches are available
on boff.baz.edu, and that you can log in as guest to browse through
them, then I assume that that is a public service.
Why even attempt an anonymous FTP or a guest login, unless you've been
told that that system is providing some service that you might be
interested in?
I am posting as an individual, not as a representative of U. of P.
Charles H. Buchholtz Systems Programmer ch...@seas.upenn.edu
School of Engineering and Applied Science
University of Pennsylvania
Rodney Peck II
>If someone puts a big sign on their home saying, "We buy an sell used
>books", and then leaves the door unlocked, I think I would be excused
>for walking in thinking it was a bookstore.
>
>If Archie tells me that foo.bar.edu is the anonymous FTP source for
>wonderwidget, then I assume that this is a public service. If someone
>writes to comp.sys.sun and says that all the Sun patches are available
>on boff.baz.edu, and that you can log in as guest to browse through
>them, then I assume that that is a public service.
This opens a big question that I've thought of from time to time about
Archie and Ed's comp.archives pointers. I have noticed that my machine
(ipl.rpi.edu) has managed to appear in the archie database and in
comp.archives even though it's not a public resource in the strict sense.
meaning: I'm the system administrator and I never told anyone to have the
general public use our anonymous ftp service, much less put us in a global
database for people looking for archive sites.
It's not that big a deal actually, but to apply your bookstore situation,
this seems to be like my happening to have a few copies of a journal
article that I gave to some people and one of them (not me) made a big
sign that says "journal library here" and stuck it on my front door.
Coincidentally, that front door is "unlocked" in the anonymous ftp sense.
So, in effect, it appears to the archie or comp.archives browser that
ipl.rpi.edu is some sort of archive for the general public, but offically,
it isn't.
Practically speaking, if I wanted to keep things clear about this, I should
have the ftpd print a message saying that this isn't a public facility.
Since the load on the server and the potential for harm is minimal,
I don't really mind.
Just some thoughts...
--
Rodney
Leonard Erickson
>leo...@qiclab.scn.rain.com (Leonard Erickson) writes:
>> Sorry, but it is *impossible* to use even a guest account and not be
>> using *some* system resources. A socket, if nothing else. More likely
>> one of a *limited* number of ports.
> Perhaps on the systems you use - our the systems never have that
>sort of a problem - we always have enough resources (such as sockets,
>etc.) to allow someone to access them, if they want to. However, our
>department has decided that it's too much of a security risk to allow
>acccess via guest accounts or anonymous ftp. Now, if you eat up our
>disk space, then people might get upset - more likely, the problem
>would get forwarded to me and I'd kill your files. End of story.
Really? I'm amazed. We *only* have 250 ports on our main server. And we
have had to take measures to be sure that they weren't being wasted.
(things like users being logged in but just sitting at the system
prompt for *hours*)
I'd be rather surprised if *any* system has so many outdail ports that
the use of on isn't at least a *potential problem.
We get complaints when folks call us and say "Why can't I login?". And
when we discovered that a user had been logging in from several
machines at once to "multi-task" we had a talk with him.
Usage increases to match available resources. And the folks that those
resources were obtained for *should* have first crack at them. (yes, I
know that you disagree with this, I'll get to that)
>> Finally, the *correct* moral standard is "it's not yours!", not "But I'm
>> not hurting anything." Property rights *do* exist in c-space.
> Actually, the *correct* moral standard isn't "it's not yours!" -
>that's silly. Property rights *SHOULDN'T* exist in c-space. It's
>incredibly dumb to take up sectors and sectors of disk space just
>because you can - if we had a more open system, my files could exist
>on any machine - they could be so well distributed that the resulting
>drain on *ANY ONE PARTICULAR SYSTEM* would be negligible. Clearly,
>the extension of property rights to cyber-space will result in a
>less-than-optimal use of resources merely to satisfy stupid primate
>instincts is those who have the $$$ to buy disks, ethernet
>controllers, etc. BLECH!
Sorry, but as long as resources are *limited* this *will* be the case.
Because the impact is *never* going to be "negligible". If your files
are scattered that widely it'll take *extra* resources just for the
"system" to find them. Extra traffic on the net looking for free space,
etc.
You are suffereing from innumeracy. Your argument assumes that adding
up lots of little bites doesn't make one big mess. Even if *you* only
take a sector on each of a large number of machines, that doesn't mean
that the impact is negligible. What you forget is that everyone else
would be doing the same thing! And that adds up fast.
One persons "vital files" are another person's "junk". Under *your*
system, it'd be "first come, first served". This is not practical.
When someone has purchased a system for "X" they are going to *
*justifiably* get pissed off if they can't use it for that when they
want to.
Your complaint is that the resource allocation is "less than optimal"
*for you*! Fine, obtain your *own* resources. If the costs are as
negligible as you make out, then this should not be a problem.
Otherwise, you've just proven my point. It's not a practical way to
allocate things.
For an analogy, We think that you are making less than optimal use
of your living space, so we are (all) going to borrow a little of it.
We do *mot* care that you had that empty space set aside for something
you are going to do next week. After all, you aren't using it *now*...
--
Leonard Erickson leo...@qiclab.rain.com
personal: CIS: [70524,2603] 70524...@compuserve.com
business: CIS: [70376,1107] 76376...@compuserve.com
Leonard Erickson
<leo...@qiclab.scn.rain.com (Leonard Erickson) writes:
<>>IMHO, unless a "guest" account user is notified somehow (eg.
<>>/etc/motd) that "this account is _only_ for use by faculty in Uni. of
<>>X", you don't have a case against anyone outside the U. using the same
<>>account, since the scope of "legal use" was not made known to him/her.
<>No. The law is exactly the opposite. Unless *you* know that the account
<>is for general access, you do not have the right to use it. There are
<>legitmate reasons for having a "guest" account (with no password) on a
<>system. But just as with an unlocked door, *you* are not the person
<>it was left unlocked for.
<Can you guys explain, then, the case where charges were dropped in an
<unauthorized entry prosecution because the system said: "Welcome to..."?
Sure. In *that* case they'd done the exact opposite. Rather than saying
"keep out" or not saying anything, they said "Come on in!".
BTW, I don't think a lot of that decision. But that *was* the logic.
This is why our "remote" login gives a "Only authorized users..."
message if an unauthorized ID tries to use it. If someone is using
an authorized ID without actually being that user, it's illegal
access anyway...
Jon Allen Boone
leo...@qiclab.scn.rain.com (Leonard Erickson) writes:
> jb...@andrew.cmu.edu (Jon Allen Boone) writes:
>
> Really? I'm amazed. We *only* have 250 ports on our main server. And we
> have had to take measures to be sure that they weren't being wasted.
> (things like users being logged in but just sitting at the system
> prompt for *hours*)
I'm not sure of the number of ports (I don't work for the data
communications department) but I can call up the system any time of
the day or night - and if the number I traditionally use is busy
(which is exteremely rare - MAYBE once a month, if that) there are
three or four other numbers I can use. End result: it's not a
problem. (Note: these aren't outdial ports - these are incoming ports
for loggin in.)
> I'd be rather surprised if *any* system has so many outdail ports that
> the use of on isn't at least a *potential problem.
What do you use outdial ports for? Our system may well have NO
outdial ports that are accessible to public users (I've never used
them). We do have as hundreds of workstations on the internet -
providing you access to almost any place that you want to go on the
internet. If you want to call up a local-area bulletin board system,
the you should get your own modem!
> We get complaints when folks call us and say "Why can't I login?". And
> when we discovered that a user had been logging in from several
> machines at once to "multi-task" we had a talk with him.
Never happened here, as far as I know. I can log onto as many
machines as I want - there are special exceptions (some administrative
machines won't let you on at all, without special permission) - if
you're telnetted in, and I log in on console - you lose. But, there's
not a problem with me multi-tasking on multiple machines - in fact, we
used to have a system setup to let you do exactly that!
> Sorry, but as long as resources are *limited* this *will* be the case.
> Because the impact is *never* going to be "negligible". If your files
> are scattered that widely it'll take *extra* resources just for the
> "system" to find them. Extra traffic on the net looking for free space,
> etc.
How the hell do you get "limited"? If your site has so many users
that any one of them using a socket is a problem, then there should be
a serious re-evaluation of your computing systems. Also, note that
this attitude is the same one that keeps universities with a surplus
of computing fascilities (like mine) from sharing them more openly and
regularly with systems like yours. Too bad for you. :(
> You are suffereing from innumeracy. Your argument assumes that adding
> up lots of little bites doesn't make one big mess. Even if *you* only
> take a sector on each of a large number of machines, that doesn't mean
> that the impact is negligible. What you forget is that everyone else
> would be doing the same thing! And that adds up fast.
Not at all. I am perfectly capable of keeping my usage down. In
terms of long-term storage, I think MORE people should have smaller
quotas - there should be MUCH MORE temp space which is, after all,
first come - first serve. With the advent of
multiple-write/multiple-read cd's, and more and more cd devices in
workstations, I think that this will be acceptable. After all, when
you can carry 300meg with you, what the hell do you need a large quota
for? (Note: this argument looks forward -> to the day when MOST
systems have these cd's - it flagrantly ignores the way things are NOW
-> but if you don't look forward and just sit here in the now, things
pass you by. The fact that it MIGHT not be a good idea NOW doesn't
mean it will be a bad idea in 4 years or 10 years or 25 years or 100
years.)
> One persons "vital files" are another person's "junk". Under *your*
> system, it'd be "first come, first served". This is not practical.
> When someone has purchased a system for "X" they are going to *
> *justifiably* get pissed off if they can't use it for that when they
> want to.
As prices fall, this will become less and less common. Quite right
that there is a lot of work to be done - networking bandwidth
expanded, more disks, more memory, etc. But, I never said that any of
that was justification for being pissed. On the contrary - if I'm
using temp space, I expect you to NOT get pissed and just blow my
files away - regardless of your opinion of them.
> Your complaint is that the resource allocation is "less than optimal"
> *for you*! Fine, obtain your *own* resources. If the costs are as
> negligible as you make out, then this should not be a problem.
> Otherwise, you've just proven my point. It's not a practical way to
> allocate things.
I have my own resources - I have unlimited disk quota - at times
I've used as much as 150megs, now I bob along at about 40megs. It's
not a problem. Soon, I may well have 700megs of disk space in my
house - yow! But, allocating quotas of disk space, for example, is a
NON-optimal way of doing things (assuming the existence of
high-capacity, portable media) - for now, you can get away with it -
but if they ever work the kinks out of the floptical drives, forget
it. Buy a machine - buy a gig of disk space - use 250megs for systems
programs and make the rest TEMP space.
> For an analogy, We think that you are making less than optimal use
> of your living space, so we are (all) going to borrow a little of it.
> We do *mot* care that you had that empty space set aside for something
> you are going to do next week. After all, you aren't using it *now*...
Fine. But as soon as I AM going to use it - I'm going to throw your
junk away - unless I can find you and get you to remove it first.