From jericho@dimensional.com Mon Dec  7 17:29:08 1998
To: Dave Gerstein - Managing Editor 
Cc: errata@attrition.org, ryasin@cmp.com
Date: Mon, 7 Dec 1998 17:16:44 -0700 (MST)
Subject: Re: The Enterprise Strikes Back


Mr. Gerstein et all:

	I am writing to you regarding your recent article titled "The
Enterprise Strikes Back" currently located at
(http://www.internetwk.com/news1298/news120498-12.htm). It was released on
Dec 4, 1998 by Rutrell Yasin.
	As a security professional and computer enthusiast, I found your
article on strike back servers to be poorly researched and extremely
irresponsible. In case you are not aware, several months ago a company
released an article giving vague details about their new product, called a
'blitzkrieg' server. The idea of the server/software was to strike back at
would-be attackers and disable them before they could do damage. Much like
their claims, the claims of this article need to be questioned openly.
	Given current U.S. law, there is absolutely NO question or room to
doubt that any server such as these are illegal to operate. At no time is
it legal to retaliate against someone in such a blind fashion, regardless
of their activity. I'd like to point out an analogy used in the article,
where Mr. Yasin equates this with defending personal property against a
criminal. Mr. Yasin fails to qualify his analogy: the strike-back servers
are more like booby traps set in the home. They are *illegal*. If a
fireman or policeman enter the house to help you, the booby trap does not
distinguish that, and goes off hurting the good guy. The same applies to
the strike-back servers, they can easily go off against innocent third
parties that are nothing more than launch point for hackers.
	To write this type of article, solicit quotes that appear to
support the notion of illegal strike-backs, and to suggest this is the
wave of the future is unprofessional, unethical, and irresponsible.

InfoSec News Moderator