[32948] in North American Network Operators' Group
Re: Port scanning legal
daemon@ATHENA.MIT.EDU (Alex Rubenstein)
Tue Dec 19 14:08:54 2000
Date: Tue, 19 Dec 2000 14:06:04 -0500 (Eastern Standard Time)
From: Alex Rubenstein <alex@nac.net>
To: Shawn McMahon <smcmahon@eiv.com>
Cc: nanog@merit.edu
In-Reply-To: <20001219135738.C10893@eiv.com>
Message-ID: <Pine.WNT.4.05.10012191404560.816-100000@kerplewie>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 19 Dec 2000, Shawn McMahon wrote:
> How many ports must be scanned before you deem it an attack? Is one port
> enough? Five? 50?
I don't deem a port scan as vicious or an attack.
> If you pick a number here, is that arbitrary, or do you have a valid
> logical (and legally-supportable) reason for the number?
No.
> If one port is sufficient, then the act of typing an IP address into a
> web browser to see if there's a web server listening is a crime.
Agreed, which is why I said the first.
