Date: Wed, 4 Apr 2001 15:17:55 -0600 (MDT) From: "Forrest W. Christian" <forrestc@imach.com> To: Chet Hosey <chosey@nidhog.com> Cc: FreeBSD-ISP@FreeBSD.ORG Subject: Re: Chasing the kiddies (was: Named Keep crashing) Message-ID: <Pine.BSF.4.21.0104041438250.10763-100000@workhorse.iMach.com> In-Reply-To: <Pine.BSF.4.31.0104041612470.45811-100000@web1.nidhog.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I've been thinking about the house analogy a bit and I'd like to see if we can use it a little better. Back in the olden days, we all had glass windows and modest locks on our doors. While you made an attempt to keep people out, as a general rule, people didn't go around opening windows and/or doors and if they did they (which was quite uncommon) they generally just looked around a bit and left. After a while, quite a few people started rattling the locks and checking and seeing if the windows were open. While most people still wouldn't go in, or if they did they wouldn't do any harm, there were a few that decided it would be really cool if they found a door or window open that they would toss a molotov coctail inside and burn the house down. At this point, most people decided that it was time to start agressively locking their doors and windows. Those that didn't usually hadn't heard about the risks associated with not doing so, or really didn't care if someone broke in and burnt their house down. Now, the house burners had discovered that house burning gave them a thrill. And the teenagers from the land of AOL and other similar lands had heard about this, but were unable to do so for lack of skill. So the original house burners started producing automated tools to test for open windows and doors, and the teenagers started using them to test a LOT of houses. There were also automated tools for setting houses on fire which the teenagers also used. Eventually, most everyone figured that they should lock their doors and widnows. However, the house burners were addicted to burning houses, and as such they were determined to figure out how to enter a house to burn it down even if the doors and windows were locked. First they discovered that glass breaks, so they could just through their burning objects through the windows. To this, the homeowners responded with bulletproof glass. Then the house burners learned how to pick a certain type of lock, to which the homeowners responded by changing their locks to a upgraded style. As the homeowners found each new way to protect themselves from house burning, the house burners would come up with a new way to burn houses. At each step, the house burners were busy distributing house burning tools to the teenagers. Some of these tools actually entered the house and burnt it down in one step. Eventually, the homeowners were spending more time keeping up with the house burners than actually doing anything else. Each homeowners secret fear was that they would have either missed fixing a potential method of house burning, or had not had a chance to fix the method before a teenager came along which knew more about intrusion methods than the homeowner did, and since the teenagers usually knew about the intrusion method long before it became general knowlege, it was quite often that people had their houses burnt before a fix was available. Now there were a few very big houses which seemed to be inpenetrable even though they let people walk through their houses each day. They just controlled what the teenagers could do while in their house. The teenagers didn't like this much so they quickly learned that they could break into houses near the big house (and since due to the unique geography of this land all houses were near each other, it wansn't hard to find some which hadn't been secured) and lob a lot of flaming objects at the house to surround it. Although the house didn't burn down, it was impossible for the visitors to get into it, and as such it hurt the people who ran the big houses. At this point in the story, it was normal for the typical house to have several teenagers try to break into it a day. Most of these failed, as they were still just checking for glass windows or open doors. Many homeowners ran automated systems which detected intrusion attempts but they could be easily set off without it actually being an intrusion attempt - such as if the mailman knocked on your door to deliver a package. In addition, the poor homeowners couldn't afford to keep up with the upgrades necessary, so they just hoped that the right teenager didn't come along and burn their house down. I think if you relate this to the port scanning/intrusion discussion, you will find that most of us are somewhere between the following two extremes: 1) That gently tapping on someones window to try to determine if it is glass so you can warn the homeowner should be outlawed. 2) That breaking into a house and burning it down should be outlawed. Of course, there are a few that feel that if the homeowner didn't keep up with the latest intrusion fixes that it is their fault. There are of course extremes to this: meaning that there is a broad difference between not even trying to keep up, and keeping up, but still not being 100% fixed. There are also people who blame the housebuilders for not building the house out of nuclear bombproof materials to start with. Add to the above that today, the law states that basically tapping on a window (no matter how hard) might get you a slap on the wrist but probably nothing will jappen. And there is maybe a 1 in a 1000 or so chance that you will get caught for burning down a house. Think about this. - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- iMach, Ltd., P.O. Box 5749, Helena, MT 59604 http://www.imach.com Solutions for your high-tech problems. (406)-442-6648 ---------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0104041438250.10763-100000>