[32947] in North American Network Operators' Group
Re: Port scanning legal
daemon@ATHENA.MIT.EDU (Shawn McMahon)
Tue Dec 19 14:00:16 2000
Date: Tue, 19 Dec 2000 13:57:38 -0500
From: Shawn McMahon <smcmahon@eiv.com>
To: nanog@merit.edu
Message-ID: <20001219135738.C10893@eiv.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="4jXrM3lyYWu4nBt5"
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.21.0012191154520.9490-100000@Overkill.EnterZone.Net>; from nanog@EnterZone.Net on Tue, Dec 19, 2000 at 11:59:23AM -0500
Errors-To: owner-nanog-outgoing@merit.edu
--4jXrM3lyYWu4nBt5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Dec 19, 2000 at 11:59:23AM -0500, John Fraizer wrote:
>=20
> Had he likened portscanning someones network to walking into their back
> yard with a ladder, climbing up to the second floor and checking for open
> windows, perhaps the court would have found differently.
I'm sure they would, but it's a deeply flawed analogy.
How many ports must be scanned before you deem it an attack? Is one port
enough? Five? 50?
If you pick a number here, is that arbitrary, or do you have a valid
logical (and legally-supportable) reason for the number?
If one port is sufficient, then the act of typing an IP address into a
web browser to see if there's a web server listening is a crime.
--4jXrM3lyYWu4nBt5
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6P6+iEcl9bQ0RMt0RAlbpAKDFfrE1g8HxsklSlDAvzn11Z65ymwCfYtna
X5CZkI4wtmSMTBWcM1tAnQI=
=Q5JG
-----END PGP SIGNATURE-----
--4jXrM3lyYWu4nBt5--
