[157353] in North American Network Operators' Group
Re: Internet-wide port scans
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Oct 16 12:25:00 2012
To: Darius Jahandarie <djahandarie@gmail.com>
In-Reply-To: Your message of "Tue, 16 Oct 2012 11:38:52 -0400."
<CAFANWtUitfopjF5gCRFy=q92FhUsUstVnodSbpfFLy2FzfxvJg@mail.gmail.com>
From: Valdis.Kletnieks@vt.edu
Date: Tue, 16 Oct 2012 12:23:32 -0400
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1350404612_10805P
Content-Type: text/plain; charset=us-ascii
On Tue, 16 Oct 2012 11:38:52 -0400, Darius Jahandarie said:
> In particular, my understanding was that since you're sending a SYN,
> it could very well initiate access to stored communications (although
What 18 USC 2701 actually says, courtesy of www.law.cornell.edu:
"Offense. - Except as provided in subsection (c) of this section whoever:
(1) intentionally accesses without authorization a facility through which an
electronic communication service is provided; or
(2) intentionally exceeds an authorization to access that facility;
and thereby obtains, alters, or prevents authorized access to a wire or
electronic communication while it is in electronic storage in such system shall
be punished as provided in subsection (b) of this section."
First off, I believe (but don't have citation handy) there's actual case law
that says that a SYN scan doesn't count as "access" (either without or exceeding
authorization). And that's *stored* communications (in other words, your
mail spool, not mail in-flight).
You're better off chasing 18 USC 2511 (wiretapping, where the bits are in
motion), and of course the 800 pound gorilla would be 18 USC 1030 (Fraud and
related activity in connection with computers).
And I'm pretty sure that an NMAP scan doesn't rise to the definition of
'accessed' for any of those. Of course, if the answer actually matters, ask a
competent lawyer you've paid for advice. ;)
--==_Exmh_1350404612_10805P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBUH2KBAdmEQWDXROgAQKRTBAAiZ6BIqhdBGoPfBHY/6mL05y+OZvyd1/+
XZ1aOCKbx6y8xP4uETEwFbhG6TEtHqxgy62+Ccx/H2Tq7W9esq7yYUFKekg36//N
H9fysgFu+QEX3pXQVbCktcm9JcICgPPLfyBM6/qD2em/O8Al0CfqgR1LWLvggryZ
JfON3YF5cRYi2v144VJuSeDTBKwr37mCOfwfpX9mJGtwQiNW+IuPSYuc0Uf80MDB
HPOC898LzIVHe8CEeQPwiwLXZPLApIFYXQpSfGyDd7p843myWjs3cdUAtx0T8DSc
nhy6OJgLTd0Q0JSJ8yYi3pxl0xUqLFRAfrWntlur8tZ6ciAiv4pqbQuHQOTTg74+
OMD+ICL3LE1fMRpWv9i52P4cSXn2zWqgSvl/xqF0D7tUSRB1CqlaSQmjMH0WzEFl
BEvIgWdSaMDg/aoYjQVgg/FlbvY8dR5L+XdsayjyUuF8lrMBYqYErMX74FtG/hfo
Xhk0pZXcTeesi8IoeB13XhNmUzXclN7sh4h9rJVt7W1GbPQlJjswTKBWRDlGowEK
TaAJ46w1OC4TTP3leZJ48P5NZjtGelNtXGVSiokClDHDIfNZOJqi4804lK14X/GP
yFavQ4GsxtGeeDce72+kmzZZ2CobjQf8qWz4zoq3vmMaV2ktaDGHHcfmirmw1vWp
b+EFof8jDNI=
=iyW0
-----END PGP SIGNATURE-----
--==_Exmh_1350404612_10805P--
