Coffeehouse Thread

36 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Ethical question (part 2)

Back to Forum: Coffeehouse
  • User profile image
    ZippyV

    Awhile ago W3bbo had the idea of an ethical botnet but most people were against it.

    But what about an application that scans ip adresses for open ports that are used by malware. Then connect to that computer (which is probably part of a botnet) and shut it down (shutting down the system or disabling the network service).

    It will not stop spam or phising sites but it will be a lot harder for hackers to create and use large botnets.

  • User profile image
    Detroit Muscle

    ZippyV wrote:
    But what about an application that scans ip adresses for open ports that are used by malware. Then connect to that computer (which is probably part of a botnet) and shut it down (shutting down the system or disabling the network service).


    People have the right to run malware on their PCs if they want to. You do not have the right to stop them.

  • User profile image
    Cannot​Resolve​Symbol

    Now, maybe if you did that on your own network, but you can't do it on the public internet.

  • User profile image
    AndyC

    It's still vigilante justice. It's still horribly, horribly flawed.

    Any attempt to solve this issue needs to be passive - blocking access from infected machines, not trying to take them out. How many businesses would be prepared to lose revenue from a customer because they "potentially" have an infected machine though?

  • User profile image
    PaoloM

    ZippyV wrote:
    But what about an application that scans ip adresses for open ports that are used by malware.

    Define "malware".
    ZippyV wrote:
    Then connect to that computer (which is probably part of a botnet)

    Define "probably".

    See? It's not that easy Smiley

  • User profile image
    ZippyV

    PaoloM wrote:
    ZippyV wrote: But what about an application that scans ip adresses for open ports that are used by malware.

    Define "malware".
    ZippyV wrote: Then connect to that computer (which is probably part of a botnet)

    Define "probably".

    See? It's not that easy


    I should have defined malware better. It's not because you have spyware on your computer that it should be taken down.
    Only computers/servers that have open ports (opened by a virus) and are listening for commands, essentially computers who are part of a botnet.

  • User profile image
    PaoloM

    ZippyV wrote:
    Only computers/servers that have open ports (opened by a virus)

     But how do you know they have been opened by a virus and not a legitimate process?
    ZippyV wrote:
    and are listening for commands, essentially computers who are part of a botnet.

    Again, listening for commands is a perfectly innocent activity, pretty much all machines are doing it (RPC listeners).

    The issue here is how to determine, beyond any reasonable doubt, if an activity is malevolent in nature. It's more into the phylosophy field than computer science...

    Wink

  • User profile image
    Maurits

    Proactive botnet scouring is questionable unless you're in law enforcement and you have a mandate.

    Reactive scouring is allowable.

    Suppose for example you're getting spammed from a particular IP address.  You are perfectly within your rights to portscan that IP address, and report your findings to the admin of that netblock.

    You are not within your rights to perform any invasive surgery beyond a portscan.

  • User profile image
    zzzzz

    AndyC wrote:

    It's still vigilante justice. It's still horribly, horribly flawed.

    Any attempt to solve this issue needs to be passive - blocking access from infected machines, not trying to take them out. How many businesses would be prepared to lose revenue from a customer because they "potentially" have an infected machine though?



    Knock the computers out.  These people are destorying other peoples computers with noregard.

    Its only vigilante if the law activily is trying to stop it.  Sense the governments are lack lustering and through inaction they have turned it over to us  to solve the problem.

    Fry every computer that destorys other computers with no cause...




  • User profile image
    Maurits

    zzzzz wrote:
    Its only vigilante if the law activily is trying to stop it.


    Um, no...

  • User profile image
    PaoloM

    zzzzz wrote:
    AndyC wrote:

    It's still vigilante justice. It's still horribly, horribly flawed.

    Any attempt to solve this issue needs to be passive - blocking access from infected machines, not trying to take them out. How many businesses would be prepared to lose revenue from a customer because they "potentially" have an infected machine though?



    Knock the computers out.  These people are destorying other peoples computers with noregard.

    Its only vigilante if the law activily is trying to stop it.  Sense the governments are lack lustering and through inaction they have turned it over to us  to solve the problem.

    Fry every computer that destorys other computers with no cause...

    Using my self-appointed powers of quick and rash judgement, I declare your post a malevolent activity (it used precious bits of my bandwidth without my permission!) and thus urging an immediate cyberattack on your system, aimed at knocking your computer offline before you can destroy other people's bandwidth. I am performing a public service and everybody should be grateful and thankful for my actions.

    See how it sounds? Perplexed

  • User profile image
    zzzzz

    PaoloM wrote:


    Using my self-appointed powers of quick and rash judgement, I declare your post a malevolent activity (it used precious bits of my bandwidth without my permission!) and thus urging an immediate cyberattack on your system, aimed at knocking your computer offline before you can destroy other people's bandwidth. I am performing a public service and everybody should be grateful and thankful for my actions.

    See how it sounds?


    One problem with your argument is I did not force you to come here and read my post. 

    In the case of bots/worms/spam  we don't have the choice in the matter.   Plus the added cost


  • User profile image
    PaoloM

    zzzzz wrote:
    One problem with your argument is I did not force you to come here and read my post. 

    In the case of bots/worms/spam  we don't have the choice in the matter.   Plus the added cost

    Ok, then could you describe me the algorythm (sp?) to distinguish between legal and illegal network activity?

  • User profile image
    zzzzz

    PaoloM wrote:
    zzzzz wrote:One problem with your argument is I did not force you to come here and read my post. 

    In the case of bots/worms/spam  we don't have the choice in the matter.   Plus the added cost

    Ok, then could you describe me the algorythm (sp?) to distinguish between legal and illegal network activity?


    I know i'm opeing myself up here, so enjoy.

    does it do damage to a network or computer  if yes return attack, if no do nothing

    Is this email spam.  Yes attack the server that sent it, if no do nothing.

    An armed society is a polite society

  • User profile image
    W3bbo

    zzzzz wrote:
    An armed society is a polite society


    The UK is an unarmed society and we're quite polite as well. I don't think that point holds out.

  • User profile image
    Maurits

    Ah, but you have a powerful friend Smiley

    As TR says, "Speak softly but carry a big stick."

  • User profile image
    W3bbo

    Maurits wrote:
    Ah, but you have a powerful friend

    As TR says, "Speak softly but carry a big stick."


    ...I thought it was "Walk softly and carry a big gun"

  • User profile image
    PaoloM

    zzzzz wrote:
    does it do damage to a network or computer  if yes return attack, if no do nothing

    You didn't define "damage" Smiley
    zzzzz wrote:
    Is this email spam.  Yes attack the server that sent it, if no do nothing.

    And you didn't define "spam" Wink
    zzzzz wrote:
    An armed society is a polite society

    Uh... no.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.