Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!ucbvax!agate!woodstock.berkeley.edu!smoot From: smoot@woodstock.berkeley.edu (Stephen [Steve] R Smoot) Newsgroups: comp.admin.policy Subject: Re: RFC on my "abuse" Message-ID: <1991Jun26.005039.3976@agate.berkeley.edu> Date: 26 Jun 91 00:50:39 GMT References: <1991Jun25.154257.7452@m.cs.uiuc.edu> <1991Jun25.213406.18977@cis.ohio-state.edu> <25.Jun.91.180934.68@cogsci.cog.jhu.edu> Sender: usenet@agate.berkeley.edu (USENET Administrator) Organization: UC Berkeley Lines: 44 This seems to be partially the same issue as whether randomly trying "guest" accounts is abuse. The problem is that some people offer services to the rest of the community, and there must be a way to get to them. Thus guest and anonymous ftp were created (Necessity being the mother of invention and all that.). There seem to be three kind of sites: 1) ones with *publically* available stuff they want *anyone* to use. 2) ones which want to export to *certain known users*. 3) ones with no interest in others contacting them/using their resources. The only way to serve group 1 is to have well known ways for the resources to be requested. Thus guest and anonymous. The way to serve group 2 is to alert the intended audience and either supply them with a password for guest, or some such. The problem with group 3 is they view being contacted as if they were in group 1 as an invasion, not as an inquiry. IMHO, the guest/anonymous access must be maintained to support group 1. IMHO, people in group 3 should chill about the whole thing. IMHO, people in group 2 should use mechanisms other than guest/anonymous (in a recent thread people from group 2 complaind about users using their sites as if in group 1, when they were *intended to be group 2*, though the group 2 people used just the guest/anonymous (group 1 mechanisms) instead of *bothering* to do something more complex.) The complication, of course, is "the evil hackers" who pretend to look for sites of type 1, but actually want to maliciously steal information/processing power/"just to do it" or etc. reasons. Stopping them yet permitting group 1 sites, is left an an exercise for the reader. -s PS. Returning to the orig. issue. It seems that John was searching for sites of group 1, and was accosted by a group 3 site. This was then complicated by his admin. not dealing with the situation in a straightforward manner (such as emailing a request to stop), but instead by assuming malicious intent and taking unwarranted action. Personally I'm more interested in the deeper question of how to support group 1 and yet keep group 3 happy.