Mother, May I?
Mark Rasch, 2008-01-23

"Mommy, can I have a cookie?"

Thanks Mark 2008-01-23
Andy S.
Mother, May I? 2008-01-23
Anonymous (1 replies)
Re: Mother, May I? 2008-01-24
Mark D. Rasch
You're overlooking some issues. 2008-01-23
Anonymous (2 replies)
OK, you've got the guessing of URLs as possibly unauthorized. Let's try a different real-world analogy. You cut your finger and go to the doctor, who then puts stitches in. On your way home the stitches fall out. Is it the doctor's fault that they fell out, and can he be sued for malpractice? The answer is usually yes. So why is it, when a company has hired a "computer professional" and that professional fails to properly secure the computer, that they get a no-harm/no-foul card, but the person accessing it is a criminal hacker? In my opinion, if an "exploit" is simple, something that any expert/power user/novice in the field can do, and the "exploit" is known and a company hasn't taken the necessary steps to protect against it, then they have implicitly allowed it. How is any person to know that a company has hired incompetent individuals? Are we to assume that every company has hired illiterate, brain-dead computer professionals? Is it your stance that computer professionals are a bunch of brain-dead people? Why do you hold computer professionals to such a low standard of responsibility?
Now, gaining access to wireless networks is another ball of wax, because any Joe Blow can go out and get one and may not set it up properly. In this case it is the fault of the manufacturer for not giving it a sane configuration. Would we allow companies to make self-loading guns that, if not configured properly, can go off at any time, killing anyone unlucky enough to get in the way? No, of course not.
So why are so many "get out of jail free" cards given to experts, professionals and corporations that fail to make and configure computers and computer equipment correctly?
As far as the host -l command goes, where is it documented that it's an unauthorized activity? How would an aspiring computer geek come to know that it might not be meant for querying external computer networks?
Lastly, I take issue with your way of speaking about computer statements. You refer to them as commands, but what you are speaking of are really requests. You issue a request for information and get a response. You give a command that makes an action happen, from which you may or may not get confirmation or information back. host -l is a query, a question, a poser to a local or remote computer. It's something that doesn't have to be answered. In this case, through the negligent conduct of the computer staff, it was left improperly configured to respond to queries from the external network. It would be a logical conclusion of an expert or wannabe expert that it was left open intentionally on a big, powerful company server. Again, if it was on some Joe's fly-by-night company, it might be that he configured it himself and didn't know what he was doing. But that's an unlikely scenario.


Link to this comment: http://www.securityfocus.com/comments/columns/463/34875#34875
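As an added illustration of the misconfiguration the commenter describes (not from the column or the comment itself): `host -l` asks a name server for a full zone transfer (AXFR), and whether the server answers is a configuration choice. Below, a BIND named.conf zone that hands the whole zone to any client sits beside one that restricts transfers to an authenticated secondary; the zone name, file path, secondary address and key secret are constructed placeholders.

```conf
// Weak: the zone answers AXFR (what `host -l example.com` requests) to any
// client, so the complete host list is readable from the external network.
// Earlier BIND 9 releases behaved this way when allow-transfer was simply
// left unset, which is the "left improperly configured" case in the comment.
zone "example.com" {
    type master;
    file "/var/named/example.com.zone";   // constructed path
    allow-transfer { any; };
};

// Hardened: transfers go only to the named secondary and must be signed
// with a TSIG key. "xfer-key" and its secret are placeholders; generate a
// real secret with tsig-keygen and keep it out of world-readable files.
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-BASE64-SECRET";
};

zone "example.com" {
    type master;
    file "/var/named/example.com.zone";
    allow-transfer { key xfer-key; };     // unsigned AXFR requests are refused
    also-notify { 192.0.2.53; };          // constructed secondary address
};
```

After reloading, an unsigned `host -l example.com` against this server gets a transfer refusal rather than the host list, and refused transfer attempts appear in BIND's xfer-out logging category, which is the place to watch for them.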
Re: You're overlooking some issues. 2008-01-24
Mark D. Rasch
Mother, May I? 2008-01-23
Erik N
OS utilities and public "keys" 2008-01-23
Ole Juul (1 replies)
Re: OS utilities and public "keys" 2008-01-28
Mark D. Rasch (1 replies)
Be careful what you ask for 2008-01-23
overshoot
Mother, May I? 2008-01-24
Thomas Downing (1 replies)
Internet as Commons 2008-01-28
Mark D. Rasch (1 replies)
Re: Internet as Commons 2008-01-29
Jon Hash (1 replies)
Re: Re: Internet as Commons 2008-02-01
Mark D. Rasch
Mother, May I? 2008-01-24
stacy
Not much of a cheese shop, is it? 2008-01-24
Mitch Smith (2 replies)
Re: Not much of a cheese shop, is it? 2008-01-28
Mark D. Rasch (1 replies)
Mother, May I? 2008-01-27
Anonymous (1 replies)
Re: Mother, May I? 2008-02-01
Mark D. Rasch
Mother, May I browse your public server? 2008-01-28
Anonymous (1 replies)
It's Like a Phone Book 2008-01-30
danielc
Mother, May I? 2008-02-07
Victor (1 replies)
Re: Mother, May I? 2008-02-07
Mark D. Rasch
Copyright 2007, SecurityFocus