brendan@cs.widener.edu (Brendan Kehoe) (06/26/91)
rickert@mp.cs.niu.edu wrote: > Attempting to anonymous ftp to my site is rude at worst. Using my site >to do something rude to another site is an abuse of privileges. If he wants >to pay for his own computer and connection, the rudeness is his problem. I agree completely with your position, Neil; but there's a problem with what you just said. If I were to, say, do finger bill@foo.bar.com@cs.niu.edu then try mary and steve and don, how've I abused privileges at your site? A different analogy to the FTP-roaming would be, perhaps, calling up every Unix site you can find and trying to log in as nuucp, on the off chance that the site has anonymous UUCP archives. Tho in this case, you're paying for the activity, rather than dispersing it among the many interim places packets will go before reaching an anon FTP site. -- Brendan Kehoe - Widener Sun Network Manager - brendan@cs.widener.edu Widener University in Chester, PA A Bloody Sun-Dec War Zone Top Ten Surprises in Rocky V -- Number 5, Loveable Character Chewbacca Dies
rickert@mp.cs.niu.edu (Neil Rickert) (06/26/91)
In article <NX0=QNA@cs.widener.edu> brendan@cs.widener.edu (Brendan Kehoe) writes: >rickert@mp.cs.niu.edu wrote: >> Attempting to anonymous ftp to my site is rude at worst. Using my site >>to do something rude to another site is an abuse of privileges. If he wants >>to pay for his own computer and connection, the rudeness is his problem. > >I agree completely with your position, Neil; but there's a problem >with what you just said. If I were to, say, do > finger bill@foo.bar.com@cs.niu.edu >then try mary and steve and don, how've I abused privileges at your >site? You haven't. Finger is provided for those kinds of inquiries. But if you set up an automatic script to finger my site every five minutes so you can trace activity you most certainly are abusing this facility and you and others are going to start getting "connection refused". But this has nothing to do with ftp. If anonymous ftp used a different port number so that on failure you got a 'connection refused', then the only abuse is in network bandwidth, which the student had tried to control. However the way ftp works, the student is splattering "invalid login attempt" messages all over the Internet. Many sites take a dim view of these attempts. The Internet is based on an implicit social contract of cooperation. In this case there was a clear violation of that contract. Exactly what he did is not the issue. It is how his acts are perceived. As I see it, there are many different ways this students activities can be stopped: 1. He can be persuaded to stop them. 2. Restrictions on his computer access can stop them. 3. The campus routers can be programmed to not accept packets from this host. 4. The ethernet cable to this host can be pulled. 5. The campus external Internet leased line arrangements can be cancelled. Now I control items 1 and 2. Methods 3,4 or 5 are controlled by people with stiffly starched shirts and pin stripe suits. As I decide whether to act on 1. or 2., I am thinking about the reactions of these starch and pin stripers when they start getting complaints from NASA, from the DOE labs, etc. When they get those complaints they are going to be thinking about research grants, about the muckrakers from the press, about the board of regents, the state board of higher education, and the state legislature. Notice I said "when they start getting complaints", not "if ...". Some people at these sights have hair trigger reactions. So in sum, the question of whether the student is going to be cut off simply does not arise. That is a forgone conclusion. It is a question only of how he will be cut off. Now I much prefer choices 1 or 2 (preferably 1) to all of the other options. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Science <rickert@cs.niu.edu> Northern Illinois Univ. DeKalb, IL 60115 +1-815-753-6940