Read and Answer the Question at the bottom

Miller Harrison was still working his way through his attack protocol.

Nmap started out as it usually did, by giving the program identification and version number.

Then it started reporting back on the first host in the SLS network. It reported all of

the open ports on this server. The program moved on to a second host and began reporting

back the open ports on that system, too. Once it reached the third host, however, it

suddenly stopped.

Miller restarted Nmap, using the last host IP as the starting point for the next scan. No

response. He opened another command window and tried to ping the first host he had just

port-scanned. No luck. He tried to ping the SLS firewall. Nothing. He happened to know the

IP address for the SLS edge router. He pinged that and got the same result. He had been

blackholed, meaning his IP address had been put on a list of addresses from which the SLS

edge router would no longer accept packets. Ironically, the list was his own doing. The IDPS

he had been helping SLS configure seemed to be working just fine at the moment. His attempt

to hack the SLS network was shut down cold.

It seems obvious that Miller is breaking at least a few laws in his attempt at revenge.

Suppose that when his scanning efforts had been detected, SLS not only added his IP

address to the list of sites banned from connecting to the SLS network, the system also

triggered a response to seek out his computer and delete key files on it to disable his

operating system.

Would such an action by SLS be ethical? Do you think that action would be legal?

Suppose instead that Miller had written a routine to constantly change his assigned IP

address to other addresses used by his ISP. 1) If the SLS intrusion system determined what

Miller was doing and then added the entire range of ISP addresses to the banned list, thus

stopping any user of the ISP from connecting to the SLS network, would SLSs action be

ethical?

2)What if SLS were part of an industry consortium that shared IP addresses flagged by its

IDPS, and all companies in the group blocked all of the ISPs users for 10 minutes? These

users would be blocked from accessing perhaps hundreds of company networks. 3) Would that

be an ethical response by members of the consortium? What if these users were blocked for

24 hours?