[32941] in North American Network Operators' Group
Re: Port scanning legal
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Dec 19 12:13:06 2000
Message-Id: <200012191703.eBJH3nCW233176@black-ice.cc.vt.edu>
To: Jeff Wheat <jeff@cetlink.net>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Tue, 19 Dec 2000 11:05:40 EST."
<EJELLAKIBEKLHMFNPPDLEEMGNCAA.jeff@cetlink.net>
From: Valdis.Kletnieks@vt.edu
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_504113120P";
micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Tue, 19 Dec 2000 12:03:49 -0500
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_504113120P
Content-Type: text/plain; charset=us-ascii
On Tue, 19 Dec 2000 11:05:40 EST, Jeff Wheat <jeff@cetlink.net> said:
> Isn't that just sweet... So in a nutshell it is *not* illegal
> for kiddies to port scan a network looking for vulnerabilities.
> It would seem to me that such scans would impair the integrity
> of ones networks, or am I just smoking crack?
1) It's only binding on the one US Circuit Court district.
2) It's narrowly written to only prohibit counting the time spent
investigating a port scan as "damages". So if you're billable for
$200/hour, and spend 1 hour checking the portscan and 10 hours fixing
the hack-in they found, if you're computing damages for civil or criminal
action, it's only $2,000, not $2,200.
3) Let's not forget that a *scan* only actually impairs the integrity
of a network that hasn't been secured against scanning. You'll never
have somebody walk up to you and say "Hey, your front door is unlocked"
if you always lock your front door.
The problem starts when somebody takes the information gathered from
the scan and actually uses an exploit. And case law seems to be pretty
clear in most jurisdictions that have computer crime laws - using an
exploit is a no-no.
And no, please don't go scanning our nets to find stuff for us - we're
quite aware of exactly what shape our 2 /16's are in. ;)
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
--==_Exmh_504113120P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Exmh version 2.2 06/16/2000
iQA/AwUBOj+U9XAt5Vm009ewEQIz+ACeNxCyhb0d2NRDomEiXprq7479pxEAoKAJ
odh4nv5dhy5+72il+2iUdBV9
=9KaZ
-----END PGP SIGNATURE-----
--==_Exmh_504113120P--
