On 04/14/2011 07:54 PM, Nathan Eisenberg wrote:
Is tracking down the original user and letting them know about the config leak a standard practice, necessary or "the right thing to do"?
Municipal networks often provide some emergency services, and we all know what the VA provides. Once you know whose gear it is, I guess you have to decide if you'd be willing to have a little bit of that organization's (or their patrons) blood on your hands.
Especially in the case of the VA, for me, the answer is 'hell no'. If it was "Joes defunct sprocket startup", I'd likely just format flash: and move on.
A few months back I had exactly this situation - I bought a switch off ebay that was still loaded with it's config, and it had come from yahoo.com. Now, I am the good netizen and I flagged them about this and was able to help them find the source which I assume they 'fixed' this leak. The data in the fig file could have been (mis)used to yahoo's network security disadvantage and wherever you stand I think we all can agree that cluing them in was the right thing to do. But for someone else's startup, probably would not have bothered. Mike-