No subject

Jonathan Hutchins hutchins at opus1.com
Thu Aug 23 04:13:49 CDT 2001


> -----Original Message-----
> From: Ahmik [mailto:drbeams at hotmail.com]

> What would be the legal grounds for a program that retaliates 
> against an attacking machine once it has determined an attack is going 
> on ... a self defence mechanism ... the right to protect property ?

IANALB Any form of taking the law into your own hands opens you to
prosecution, with only the sympathy of judge and jury to fall back on.  And
the jury is going to know how much about computer crime?

The legal procedure is that you take your evidence to the authorities, and
they take the action.

Consider just how sharp you really are about attacks to begin with - if you
(or I) were good enough to be certain beyond all doubt that you had
identified the guilty machine, would you be posting your question here?
Origin spoofing is one of the first levels of guarded attack.

What about collateral damage from your attack.  Could your ISP, or the ISP
of the "attacker" go after you for traffic charges or other damages?
Probably.

Consider what kind of "attack" you're talking about here.  Is it something
causing demonstrable damage to property of yours?  Or is it your neighbor
trying out that port scan utility he just downloaded?  Even a DOS attack can
only be shown to have caused you legal damage if you run a commercial site
that looses money for each minute it's down.  Even then, it can be argued
that the Internet is inherently unreliable, and that's one of the risks you
take when going on line.

What about your obligation to take due diligence to secure your host against
attack?  Have you plugged every loophole that a lawyer with a good research
team could find?  If not, you'll be paying that research team's salary.

So if you're gonna do it, be perfect, don't get caught, and don't tell
anybody.

Especially us.




More information about the Kclug mailing list