[oclug] tuesday afternoon rant about the FBI and an isp
rgiffin at cangurus.com
rgiffin at cangurus.com
Tue Mar 20 10:42:16 EST 2001
Billy, I personally don't doubt you.
I'm saying that the FBI, like the RCMP here in Canada might not appreciate what you are trying to do as much as we would like though - they think differently, more paranoid than normal people. That's not necessarily a criticizm of them either - they're paid to think that way.
But that doesn't stop them from pestering you, obviously. It happens. Once they realize that you're just a normal guy who does normal things on the internet, they'll loose interest.
It could also be that your ISP is trying to spook you too, and that the FBI is not interested in you at all. Maybe they (your ISP) got excited because the FBI might have contacted them for confirmation of your identity, and decided to play a little game with you - you did say the guy doesn't seem to like you for some reason. One way to find out is to contact your local FBI office and ask them bluntly. I understand they have to be honest about it if they are watching you.
On Tue, 20 March 2001, "Billy Omer" wrote:
> I agree. There are many more ISP's other than mine that are running a
> monitor like snort, or works with the FBI or some other sort of Government
> agency to monitor network traffic for suspicious activity. This is both a
> good thing, and a bad thing (as such in my case). For the record, when I
> scanned those two machines, I had no intent to pursue any malicious or
> damaging activities conducted in any way on their machine or their
> network. I was just curious, so to speak, as to what they were running.
> Lets pretend I saw that they were running an IRC server. Lets say that I
> connected to that server, and saw a large group of 25+ people freely
> trading pictures, stories, movies etc.. and blatantly speaking of having
> sex with young children. Think if I would have logged everything, got
> their IP addresses, traced them back to their origin etc.. Now I have a
> list of 25 known pedophiles, as well as a company/network/service-provider
> etc.. freely encouraging this activity.
> Then I would take my findings to the FBI/Interpol (whom ever), and they
> would have a hay day with all of them, the company and MY SELF. All of my
> machines and network equipment would be confiscated and I would be held
> without bond until proven INNOCENT. As far as they know, I was in a chat
> room trading pictures and talking freely about the subject with them. In
> their eye's, I am as guilty as they are. Even though I am acting just as
> an undercover Government agent would conduct their business, I'm guiltily
> of child molestation and accessing child pornography.
> Is this wrong? Of course. Is there anything I or anyone else can do about
> it? No.
> And it is a fact that the FBI does work closely with my ISP. When I worked
> there, I was their contact person. I spoke with them on a weekly basis,
> even helped track down a few people for credit card fraud, stolen
> identities etc.. So it doesn't surprise me that they do have some type of
> monitoring equipment running between the ISP and their backbone connection.
> I feel violated by this. I feel as if I was targeted (as someone else
> said) as a person who was trying to get access to child pornography. In a
> way, yes I was. I needed evidence that they did have this data on their
> machines didn't I?
> So I go back to this: The government is trying to control something they
> can't. They can't because they dont fully understand any aspect of what is
> going on.
> On the portscanning debate, here's how I feel: It is not illegal to scan a
> network/machine. In fact, most of the utilities (like nmap) were created
> as an administration tool, not as a scriptkiddie/hack tool. However, if
> the person was to use the information they gathered from the scan to attack
> a system in some way or to gain unauthorized accessed to the scanned
> machine, then THAT is illegal. Not the scan, the unauthorized use of the
> system. If you notice a scan happening on a given system, watch it
> closely. Keep note of the ports they scanned, and keep a good eye on those
> daemons/services. Once you see an attempt to gain access, THEN pursue the
> appropriate actions.
> That's how I stand. I feel that I was targeted, and feel they are just
> waiting to find something to slam down my front door, take my stuff, slaps
> cuffs on me and make me the main attraction on the 6 o'clock news.
> I do allot of administration remotely. Will they see that I've gained
> access to a machine in California or Florida and take me down because they
> jumped to yet an other conclusion? Who knows.
> > On 20-Mar-2001 Rod Giffin wrote:
> >> On Monday 19 March 2001 20:01, bbarnett at l8r.net wrote:
> >>> On 19-Mar-2001 David F. Skoll wrote:
> >>> > On Mon, 19 Mar 2001, Billy Omer wrote:
> >>> >> What I don't understand is why wouldn't they look at what I was
> >>> >> scanning?
> >>> >
> >>> > Maybe because fighting child pornography in this manner is not the
> >>> > best way to go about it? I appreciate your sentiments, but doing
> >>> > things of questionably legality is really not the way to fight
> >>> > obscenity.
> >>> Erm, scanning someone isn't illegal, and it isn't wrong.
> >> A portscan has one and only one purpose: To check for open ports on a
> >> computer. On a system that you don't own, that is analogous to
> >> testing all the doors and windows on a house. If a cop finds you
> >> doing that, they charge you with attempted B&E.
> > No, they charge you with trespassing. ;) Its not illegal to walk into
> > a house that has an open/unlocked door, FYI. Walking up to the house
> > and turning the knob to see if its open won't land you in court.
> > Many a lawyer would have a hay-day with what you've just said.
> > You are presuming guilt without evidence, or proof of what you are
> > claiming.
> > Non-violent port scans :
> > 1) I am simply curious.
> > 2) I want to know if computer X has anything fun to connect
> > to, be it IRC servers, muds, newservers or something else I can use
> > legitimately.
> > 3) Its my computer, and I am scanning it remotely to see if its secure,
> > or any deamons I am unaware of
> > 4) I believe the person's machine may be infected with something (like
> > a backdoor, or virus) and I want to verify this
> > 5) I am doing scan to see what percentage of what services different
> > computers are running. I am a statistics company of some sort
> > 6) about another 100 or 200 legitimate reasons for scans people can
> > come up with, if they sit around for 10 hours in a pre-court
> > preparedness meeting
> > You see, the big problem right now is that current the person being
> > accused of scanning has no defence, and hearing usually. For example,
> > if I'm dealing with Rogers, or another upstream provider, and I scan my
> > workplace, or I scan a friends computer, or do something else above in
> > a non-commerical but scan friendly way, I am instantly guilty. Even
> > worse, I've seen cases of simple compaints being lodged agains people,
> > and action taken without the accused being informed.
> > This is completely backwards when you look at the rest of our legal
> > system. The mens rea (ok, my latin sucks... but on onus of proof of
> > innocence) is not typically on you. Usually, you are innocent until
> > proven guilty.
> > With something like port scanning, the reverse has been taken by many
> > ISP's and what not, and it MUST STOP. Certainly, any sort of law or
> > bill passed that makes it illegal to port scan needs to be thrown out
> > of our legal system quite quickly.. ESPECIALLY one that insists you are
> > guilty of something until proven innocent.
> > Bah!
> >> Similarily, the law in most jurisdictions says something to the extent
> >> that it's an offence to gain or attempt to gain unauthorized access
> >> to a computer system. One other thing, many jurisdictions are
> >> implementing a law something to the effect that it is illegal to
> >> access a computer system which you know contains child porn.
> >> Kentuckey, as far as I can tell has weak
> >> telecommunications laws, but very strong child porn laws which include
> >> computer access.
> >> Their point of view might be, if Billy knew that there was a child
> >> porn site on the system, why portscan it unless he intended to break
> >> in? It's not a federal offence to leave telnet ports open, or sunrpc
> >> either, and it doesn't help a prosecution. And, it might have
> >> alerted the owner of a system they were monitoring - OR
> >> Billy is falling victim to a plant. That's a system which was placed
> >> there by the FBI in order to identify pedophiles. Accessing the
> >> system several times, hey it's all in the logs - he even tried
> >> several ports, means to them he wants in. It wasn't very hard to
> >> locate the child porn site on the computer, was it. It might have
> >> been designed that way. Now they have somebody they can follow
> >> around the internet just waiting to pounce on.
> >> Rod.
> >> _______________________________________________
> >> oclug mailing list
> >> oclug at lists.oclug.on.ca
> >> http://www.oclug.on.ca/mailman/listinfo/oclug
> > ---
> > Dynamic Hosting
> > HTTP://www.L8R.net/
> > "We Provide Static Hostnames for Dynamic IP's"
> > _______________________________________________
> > oclug mailing list
> > oclug at lists.oclug.on.ca
> > http://www.oclug.on.ca/mailman/listinfo/oclug
> oclug mailing list
> oclug at lists.oclug.on.ca
More information about the OCLUG