Internet.com ISP-Planet

 


Sections

 • Best of the Lists
 • Business
 • CLEC-Planet
 • Equipment
 • Executive
   Perspectives
 • Fixed Wireless
 • Investor
 • Marketing
 • Market Research
 • News
 • Notable Quotes
 • Politics
 • Profiles
 • Resources
 • Technology
 • Value-Added
   Services
 • Webhosting
Also ...
 • About Us
 • Authors
 • Letters
  • Site Map
 • Technology Jobs


 
ISP Glossary
Find an ISP Term
 
Search ISP-Planet


Search internet.com
 
internet.com

Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

internet.commerce
Be a Commerce Partner
ISP Business



Best of the ISP-Lists

Hack, or Harmless Intrusion?

Is running a port scanner on an ISP's network necessarily a prelude to an attack? What should a responsible ISP do when such scanning is detected?

[August 12, 1999]
Email a colleague

In a thread on ISP-Tech in August of 1999, BM wrote:

"I have a situation where a minor has been running port scans on my network. I personally believe that it's an intrusion, and it also happens to be a violation of our AUP. He says he was running the port scanner to warn users about a virus attack he experienced, and he's begging for us to turn his account back on. His mother even called.

Would you keep this kid or send him packing?"


[BW wrote] "The easy answer is if it violates your AUP then discharge him. You are treading super-thin ice if you allow him to return after violating your AUP. Be tough: The bad eggs will spoil everything in your basket if you leave 'em in.."

[VB agreed] "Even if what he said was true, he hasn't got any business running a port scanner against other people's computers. I don't think anyone in their right mind wouldn't construe having a port scanner run on them a prelude to attack."

[RW wrote] "It is a crime to attempt a hack. Call the FBI and give them the records. Let them do a visit, and wait till the kid—and the parents—get the feel of the feds."

[JB countered] "How ridiculous! You'll turn all ISPs into Big Brother at that rate. A letter from the ISP's attorney to the subscriber and the subscriber's legal guardians is a better way to start. The point is to correct a problem not destroy a life or three.

Here's a policy that a number of my clients follow:

  • Port scanning is preliminary to cracking and is a violation of the AUP.
  • Attempted or successful cracks result in an immediate termination of the client account.
  • For first time offenders, we charge a $75 reconnect fee to cover the administrative expense of handling the complaints.
  • Once an individual has violated this portion of the AUP a second time, s/he is put on a ban list (which has no expiration at this point)."

—End

 

Feedback

Advertising inquiry? Click here!

ISP-Planet's RSS feed

#