>From a big university's point of view, probing ports is very petty compared
>to date rape and all the other problems faced on campus. This is the perception
>held by our campus public safety people.
>Even when we "catch" someone actually breaking a law, it's hard to put the
>offense into context with other types of offenses to give people (univ.
>administrators and public safety) a sense of the harm done. A couple of
>exceptions to this seem to be email threats and child pornography.
I understand this but consider it my moral obligation to notify a responsible
individual at the source of such a probe. In fact IMNSHO the ideal situation
would be for the A6 to realize that I am watching and not to test my net any
further. This is somewhat selfish but there you are.
My only obligation is to protect my site and this is one of the ways I have
found effective. I also keep a list of sites who "don't care". (don't ask)
A number of years ago I took exception with Mr. Goldstein of 2600 over his
handling of an incident with New York schools over the fact that he published
information about the school system without notifying them that he was doing
so - I did not question his right to publish, just the ethical question of
doing so without notification of a vulnerability they were not aware of.
So IMHO, it is my duty to notify a site if something out of the ordinary
is occuring within their boundaries. How they react is their business. Am
not a lawyer so cannot say but I *suspect* this changes the status of the
notified organization from "we didn't know" to "we knew and did nothing"
if something hapens in the future. Just a thought.