[29773] in North American Network Operators' Group
Re: scripts kiddie sites
daemon@ATHENA.MIT.EDU (Dana Hudes)
Thu Jul 6 23:11:10 2000
Message-ID: <09a701bfe7a9$7de7dd60$3d5cdcd1@hudes.org>
From: "Dana Hudes" <dhudes@hudes.org>
To: "David Charlap" <david.charlap@marconi.com>, <nanog@merit.edu>
Date: Thu, 6 Jul 2000 20:22:53 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Errors-To: owner-nanog-outgoing@merit.edu
RoadRunner is such a network. Send them an incident report from =
tcp_wrappers its not enough they want system logs that don't exist.
they basically ignore reports of break-in attempts. More like the Korean =
networks in that respect. And of course there are several .jp domains =
that can't be bothered to lock down their mail relays after being =
notified. Most of the break-in attempts on my server come from .kr
and from roadrunner. I may well just blackhole the netblocks for .kr, I =
don't get legit traffic from them. RoadRunner is another matter.
Now, if RR was in something like the RBL where suddenly their customers =
couldn't get to where they want on the net,
RR would have to take action.
----- Original Message -----=20
From: "David Charlap" <david.charlap@marconi.com>
To: <nanog@merit.edu>
Sent: Thursday, July 06, 2000 7:06 PM
Subject: Re: scripts kiddie sites
>=20
> Karyn Ulriksen wrote:
> >=20
> > For my edjumacation, could someone clarify what a scripts kiddie
> > source network as it's being bandied about here is? I can only
> > *assume*, and I try to avoid doing that (not always successfully).
>=20
> A script kiddie is the most common form of system cracker. He attacks
> remote systems using scripts and programs that were written by other
> people. He usually does not have the brains to write his own attack
> scripts/programs.
>=20
> I would assume that a "scripts kiddie source network" is a network =
where
> the administrators do not bother to investigate reports of system
> cracking attempts from their network. This effectively gives these
> crackers a green light to go and attack people, since they know they
> won't lose their access.
>=20
> This is in contrast to a responsible network, which will investigate
> reports of cracking, and will take action against the crackers by
> terminating their access and/or pressing legal charges.
>=20
> -- David
