Network legal regulation
The Internet is a global association of computer networks and information resources belonging to many different people and organizations. This union is decentralized, and compulsory single rulebook (laws) Internet usage is not established. There are, however, generally accepted norms of the Internet, designed to ensure that the activities of each user on the network does not interfere with the work of other users. Fundamental provision of these rules
is this: the rules of use of Internet resources determine the owners of these resources, and only they (hereinafter, the word "resource" refers to any combination of software and hardware components in one sense or another single unit. resources of the Internet can be considered, for example, mailbox , a personal computer, a virtual or a physical server, a local area network, the communication channel, etc.)
This document is one of the possible formal descriptions of the accepted norms of networking, considered in most networks (both within and outside the Internet itself, and available from the Internet in some indirect way) binding on all users. Such or similar rules apply to all available network resources when not known in advance the rules established by the owners of these resources on their own.
As practice shows, the majority of Internet users expect from other users of network performance generally accepted norms, because their violation entails serious problems of the web, both technical and due to the human factor. When you create a document does not attempt to formulate the goals of universal rules of the web, duplicate provisions of the legislation of various states, etc. The document covers only intranet standards prevailing in the international online community as a manifestation of self-preservation on the Internet.
The document's authors hope that this formalization of generally accepted norms will be useful both network administrators in the development of access rules for users and end-users of the Network in order to avoid conflict situations in their daily work. In addition, this document will help you determine what behavior is reasonable to expect the user to other participants networking and when you can consider themselves victims of unacceptable actions.
1. Restrictions on information noise (spam)
Web development has led to the fact that one of the main problems was the glut of information users. Therefore, a network community has developed special rules aimed at protecting the user from unwanted / unsolicited information (spam). In particular, are not valid:
1.1. Bulk messaging via e-mail and other means of personal information exchange (including immediate delivery service messages, such as SMS, IRC, etc.), except for clearly and unambiguously expressed recipients initiative.
Open publication of e-mail addresses or other personal information exchange system can not serve as the basis for inclusion in any list of addresses for mass mailing. Enabling address obtained by any means (via a web form, through the subscription robot, etc.), the list of addresses to which conducted any delivery may only be subject to the availability of appropriate technical procedures confirm the subscription, ensuring that the address is not get on the list, except by the will of the owner of the address. Subscription confirmation procedure should exclude the possibility of getting the addresses in a mailing list of recipients (single or regular) at the initiative of third parties (ie persons who are not owners of the address).
One must have the possibility to any subscriber immediately leave the list without any difficulty in the event he so wishes. The presence of the opportunity to leave the list itself can not justify making addresses to the list will not address owner.
1.2. Sending e-mails and other messages that contain attachments and / or have a significant amount, without the prior permission of the addressee.
1.3. Subscribe (other than by direct initiative of the recipient)
a) e-mails and other communications (including single) advertising, commercial or promotional nature;
b) letters and messages containing rude and insulting expressions and sentences.
c) the sending of a request to send this message to other users available (chain letters).
d) Use of impersonal ("RPG") addresses except for their intended purpose, established own addresses and / or standards.
1.4. Accommodation in any conference messages that are not relevant to the theme of this conference (off-topic). Hereinafter, the conference stands for teleconference (newsgroups) Usenet and other conferences, forums and mailing lists.
1.5. Accommodation in any conference advertising, commercial or promotional nature, except when such messages are explicitly allowed by the rules of the conference or their placement has been agreed with the owners or administrators of the conference in advance.
1.6. Accommodation in any conference of messages with attached files, except when the investment is expressly permitted by the rules of the conference or such accommodation has been agreed with the owners or administrators of the conference in advance.
1.7. Dissemination of information to recipients previously explicitly expressed an unwillingness to receive this information, the information in this category or information from the sender.
1.8. Using your own or provided information resources (mailboxes, email addresses, WWW pages, etc.) as his contacts in the commission of any of the above actions, regardless of what the Net these activities were performed.
1.9. Implementation of technical security spam (spam support service), such as:
- Targeted scanning of informational resources to collect email addresses and other message delivery services;
- The distribution of software for spamming;
- Creation, verification, maintenance or dissemination of databases of email addresses or other message delivery services (except in cases when the owners of all addresses included in this database, explicitly expressed their consent to the inclusion of addresses in this particular database; open publication addresses such consent can not be considered).
2. Prohibition of unauthorized access and network attacks
Implementation is not allowed unauthorized access to network resources, carrying out network attacks and network hacking and participation in them, except in cases when the attack is carried out on a network share with the express permission of the owner or administrator of the resource. Including prohibited:
2.1. Actions aimed at the disruption of the network elements (computers, other hardware or software) not belonging to the user.
2.2. Actions aimed at gaining unauthorized access to network resources (computer, other equipment or information resource), the subsequent use of such access, as well as the destruction or modification of the software or data not belonging to the user, without the consent of the owners of this software or data, or administrators this information resource. Under unauthorized access means any access method other than the alleged owners of the resource.
2.3. Transfer computers or network equipment senseless or useless information that creates the parasite load on these computers or equipment, as well as the intermediate portions of the network in excess of the minimum necessary to verify network connectivity and availability of its separate elements.
2.4. Targeted actions to scan network nodes in order to identify the internal structure of networks, lists of open ports, etc., except to the extent necessary to carry out the minimum technical staff activities that are not aiming at a violation of paragraphs 2.1 and 2.2 of this document.
3. Compliance with the rules established by the resource owners
The owner of any information or technical resource network can either set this resource to use it own rules. How to use resources or reference to them are published by the owners or administrators of these resources at the connection point to such resources and are binding on all users of these resources. Rules should be easily accessible, written with different levels of user training.
How to use the resource, the owner must not violate the rights of holders of other resources or lead to abuses of the other resources.
The user is obliged to observe the rules of use of the resource, either immediately stop using it.
If the rules established by the owner of the resource, contrary to those or other items of this document in respect of the resource, the rules established by the owner, if it does not lead to violations against other resources. In case the owner of the resource group is clearly established rules for only part of the resources for the rest of the rules set forth herein.
4. Inadmissibility of falsification
A significant portion of web resources does not require user authentication and allow anonymous use. However, in some cases, the user is required to provide identification information and used them to his means of access to the web. The user must not:
4.1. Use the identification data (names, addresses, phone numbers, etc.) of third parties, except in cases where these persons authorized user of such use.
4.2. Falsify your IP-address and the addresses used in other network protocols for data transmission in the network.
4.3. Use non-existent return addresses when sending emails and other messages.
4.4. Casually refer to the privacy of their own identity details (such as passwords and other codes of authorized access), which may lead to the use of particular resources by third parties on behalf of that user (with concealment, so the true source of action).
5. Customize your own resources
When using the Internet user becomes its full participant, which creates the potential for use of network resources that are owned by, third parties. In this connection, the user must take appropriate measures to this configuration of its resources, which would prevent abuse of the resources of these third parties, and upon detection of the occurrence of such use to take swift action to stop them.
Examples of potentially problematic configuration of network resources are:
- Open relays e-mail (open SMTP-relays);
- Public servers for unauthorized publication of news (conferences, groups);
- The means to an unauthorized third parties to conceal the source of the compound (open proxies, etc.);
- Public Ethernet multicast addresses that allow for their help with attacks such as smurf;
- Electronic mailing lists with insufficient reliability mechanism subscription confirmation or without the possibility of its abolition;
- Www-sites and other similar resources, asking for sending correspondence to third parties on an anonymous or insufficiently authenticated request.