Date: Tue, 7 May 2002 16:46:31 +0200
From: Florian Cramer
Subject: Re: PUBLIC DOMAIN SCANNER
Reply-To: Florian Cramer
Am Tue, 07.May.2002 um 13:14:24 +0200x schrieb knowbotic.research:
> MINDS OF CONCERN::breaking news
> PUBLIC DOMAIN SCANNER
> In the project, we are using non-invasive SECURITY scanning tools, which
> systems administrators alike use in order to detect security holes on the
> Internet servers.
All 1549 scanned ports on (126.96.36.199) are: UNfiltered
Interesting ports on (188.8.131.52):
(The 1542 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
80/tcp open http
111/tcp open sunrpc
443/tcp open https
901/tcp open samba-swat
3306/tcp open mysql
6000/tcp open X11
+ unitedwehack.ath.cx :
. List of open ports :
o general/tcp (Security warnings found)
o general/udp (Security notes found)
o unknown (32768/tcp) (Security warnings found)
o general/icmp (Security warnings found)
. Warning found on port general/tcp
Microsoft Windows 95 and 98 clients have the ability
to bind multiple TCP/IP stacks on the same MAC address,
simply by having the protocol addded more than once
in the Network Control panel.
The remote host has several TCP/IP stacks with the
same IP binded on the same MAC adress. As a result,
it will reply several times to the same packets,
such as by sending multiple ACK to a single SYN,
creating noise on your network. If several hosts
behave the same way, then your network will be brought
Solution : remove all the IP stacks except one in the remote
Risk factor :
. Warning found on port general/tcp
The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.
An attacker may use this feature to determine if the remote
host sent a packet in reply to another request. This may be
used for portscanning and other things.
Solution : Contact your vendor for a patch
Risk factor :
. Information found on port general/udp
For your information, here is the traceroute to 184.108.40.206 :
>I've never received an email that has caused me quite so much concern,
Yes, you are potentially right. Each network actor who does not follow the
legal guidelines of the political logic of security immediately becomes a
focus of concern.
If we published the precise vulnerabilities of the public domain in the
networks, the 18 U.S.C. 1030 Fraud and Related Activity in Connection with
Computers would make us hackers=terrorists.
(see http://www.usdoj.gov/criminal/cybercrime/1030_new. html
and the new Amendments
In relation to our project PUBLIC DOMAIN SCANNER, minds of
this means concretely:
A) if we used in this Public Domain Scanner the full range of a Security
Scanner, i.e. enact also intrusive scans,
B) and/or we published the adresses of the scanned servers and their
we would turn immediately illegal.
Thats the dilemma: security becomes the leading principle of today's
politics; if you dare to go in this political mousetrap (public domain is
the zone of instability and contestation, and has nothing to do with the
concept of security=regulating disorder by means of appeasement) and
discuss, crisscoss, enact publicly/in networks the concept of security, the
law forces you immediately to obscure the topic.
We had hoped to raise these issues unobscured in an Art museum, but since
Art Instutions are unwilling to enter this zone, even or maybe especially
not in an 'Art Hacking' show, due to the ubiquitous paranoia and threat of
getting sued, - the museum and the curators made it very clear to us that
we as artists are 100% alone and private in any legal dispute -, we decided
by ourselves to hide parts of the information on the scanner.
>, but more importantly, who is behind it?
The artist group Knowbotic Research, based on vulnerable site
220.127.116.11, part of a current show in NY New Museum called
have a look at Critical Art Ensembles Book4: Digital Resistance: (chapter:
2 The Mythology of Terrorism on the Net
and i hope you will find out who uses tactics of near random paranoia,
panic and (virtual) violence in order to define critical people als
terrorists. The sovereign imposes an immanent threat on network actors of
making them terrorists, or even become himself the cracker (see German
interior minister Schily's state actions of cracking websites).
We think the only way of escaping this spectacle of paranoia in networks
demands new tactics and agencies inside the domain of the public. Such new
ways of public acting cannot fall into the trap of the worn dichotomy of
private and public but rather open new possibilities of public agency for
domains of the commons which include tactics which were seen as
inappropriate for the contextualization of the public domain in the
modernist sense. Instead of referring only to the concepts of transparency,
visibility and manifestation, we suggest to upgrade the public agencies
with non-representational activities like encrypting, rendering invisible,
disinforming, hiding, fleeting, tunnelling, disturbing, spoofing, and other
# distributed via : no commercial use without permission
# is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: firstname.lastname@example.org an
Though, I'm based in Canada, I do keep a regular eye on the New York Times, and I couldn't help but notice the article Matthew Mirapaul wrote, Museum's Cyberpeeping Artwork Has Its Plug Pulled [nytimes.com] which outlined how this work had been closed down by the New Museum.
I wondered if any of the artists, or in fact the curators (who I understand were acting independently of the New Museum), would like to comment on this?
Christian Hübler of Knowbotic Research is quoted as saying that "because when I work with the border as an artist, I want to know at least what the border might be."
This comment made me wonder what kind of legal investigation had preceded the installation of the work - on behalf of the artists, and the curators, and in fact the museum?
As a native of Europe (I'm originally from Denmark), I couldn't help note Mirapaul's comment, that "European digital artists are more politicized than their American counterparts ...".
Aside from the fact that this is a fairly meaningless generalisation (though not strictly 'artists' as such, one can't help reflecting on the fact that RTMark are US based, as are the collective, RSG, who feature in the exhibition with their 'cultural' version of the FBI software, Carnivore), how do the curators view this comment?
Is there a paucity of intellectual political debate in the public artistic sphere, on issues around privacy, secuity, and open information?
If so, why is this the case?
As a colleague of mine pointed out to me as we read the Times this morning, one can't help remembering the overwhelming array of US based events and movements which have promoted the open exchange of information, and have highlighted the insecurity of electronic networks. To mention but a few, the Electronic Frontier Foundation (EFF) was founded in the US, Phil Zimmerman released his PGP book from there, PGP was invented there, the free software movement came from the US, the main PGP encryption algorithims (RSA/Diffe Helman) were invented in the US to promote public encryption, and the first big hacker cases were in the US.
These things been major issues in the Public Domain. Have they not impacted on art discourses in the States at all? And if so, why has this, rather minor technical and legal issue come as such a surprise, causing such a fracas? Is the new media artworld in the US so new/naive to these discourses, that a minor activity such as port scanning could cause such a controversy?
I'd be interested in the responses of both the artists, and the curators, on these points.
Sven Robert Hillman