[32965] in North American Network Operators' Group
RE: Port scanning legal
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Tue Dec 19 17:36:46 2000
Message-ID: <9DC8BBAD4FF100408FC7D18D1F0922869B7F@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: "'Steven M. Bellovin'" <smb@research.att.com>,
"Edward S. Marshall" <emarshal@logic.net>
Cc: nanog@merit.edu
Date: Tue, 19 Dec 2000 14:30:06 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
> From: Steven M. Bellovin [mailto:smb@research.att.com]
> Sent: Tuesday, December 19, 2000 2:23 PM
Thanks for re-quoting this ...
> In message
> <Pine.LNX.4.30.0012190930530.27364-100000@labyrinth.local>, "Edward
> S. Marshall" writes:
> >
> >http://www.securityfocus.com/templates/article.html?id=126
> >This may have ramifications for both security professionals
> and abuse desk
> >personnel; this ruling would seem to make it clear that you
> cannot claim
> >time spent investigating abuse issues as damage. The
> complete finding is
> >here:
> >
> > http://pub.bna.com/eclr/00434.htm
> >
> >Any armchair lawyers on the list want to take a crack at this?
After reading the specifics I could find. It would seem that you could bill
for the investigation only AFTER there has been a break-in. Bad analogies
aside, a port scan isn't a break-in, by any stretch of the imagination.
Therefore, on its own, it's not billable. However, if a break-in has been
proven, time spent on the investigation, before-hand, becomes billable.
--
IANAL - I Am Not A Lawyer. Before taking action on anything I say, you are
encouraged to seek legal advice.
